PatchSiren cyber security CVE debrief

CVE-2026-33317 OP-TEE CVE debrief

A high-severity vulnerability in OP-TEE, a Trusted Execution Environment (TEE) for Arm Cortex-A cores, allows out-of-bounds read and write operations. The vulnerability, tracked as CVE-2026-33317, affects OP-TEE versions 3.13.0 through 4.10.0 and has a CVSS score of 8.7. It is caused by missing checks in the `entry_get_attribute_value()` function in `ta/pkcs11/src/object.c`, which can lead to out-of-bounds reads from the PKCS#11 TA heap or to crashes. The PKCS#11 TA handler for `PKCS11_CMD_GET_ATTRIBUTE_VALUE`, `entry_get_attribute_value()`, can be tricked into reading at most 7 bytes beyond the end of the template buffer and, when chained with that out-of-bounds read, into writing beyond the end of the template buffer with the content of an attribute value of a PKCS#11 object.

Vendor: OP-TEE
Product: optee_os
CVSS: HIGH 8.7
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-04-24
Original CVE updated: 2026-06-05
Advisory published: 2026-04-24
Advisory updated: 2026-06-05

Who should care

Users of OP-TEE versions 3.13.0 through 4.10.0 should apply patches to mitigate this vulnerability. The patches are anticipated to be part of version 4.11.0 and are available in commits e031c4e562023fd9f199e39fd2e85797e4cbdca9, 16926d5a46934c46e6656246b4fc18385a246900, and 149e8d7ecc4ef8bb00ab4a37fd2ccede6d79e1ca.

Technical summary

The vulnerability is caused by missing checks in the `entry_get_attribute_value()` function in `ta/pkcs11/src/object.c`. This allows for out-of-bounds reads from the PKCS#11 TA heap or crashes. The CVSS vector is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L.
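As an added illustration of the class of check that is missing here (this is not OP-TEE's code; it uses a hypothetical template layout of a type/length header followed by the value bytes, and a constructed object attribute), the C routine below fills an attribute template from an object's attributes while refusing to read a partial trailing header or to write a value past the end of the buffer:

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical template layout (not OP-TEE's own): a type/length header
 * followed by `len` bytes of value, i.e. a PKCS#11 type/length/value triple. */
struct attr_head { uint32_t type; uint32_t len; };
/* One constructed object attribute that lookups are served from. */
struct obj_attr { uint32_t type; const uint8_t *value; uint32_t size; };
enum { RC_OK = 0, RC_BAD_TEMPLATE = -1, RC_BUFFER_TOO_SMALL = -2 };

/* Fill each entry of tmpl (tmpl_len bytes) with the matching attrs value.
 * Every header read and value write is checked against the bytes that
 * actually remain in the buffer, so neither can run past its end. */
int fill_template(uint8_t *tmpl, size_t tmpl_len,
                  const struct obj_attr *attrs, size_t nattrs)
{
    size_t pos = 0;
    int rc = RC_OK;
    while (pos < tmpl_len) {
        struct attr_head head;
        size_t reserved, i;
        /* A partial trailing header (1..7 bytes) must never be read. */
        if (tmpl_len - pos < sizeof(head))
            return RC_BAD_TEMPLATE;
        memcpy(&head, tmpl + pos, sizeof(head));
        pos += sizeof(head);
        reserved = head.len;

        /* The declared value area must lie entirely inside the buffer. */
        if (reserved > tmpl_len - pos)
            return RC_BAD_TEMPLATE;

        for (i = 0; i < nattrs; i++) {
            if (attrs[i].type != head.type)
                continue;
            if (attrs[i].size > reserved) {   /* caller reserved too little */
                rc = RC_BUFFER_TOO_SMALL;
                break;
            }
            memcpy(tmpl + pos, attrs[i].value, attrs[i].size);
            head.len = attrs[i].size;           /* report the actual length */
            memcpy(tmpl + pos - sizeof(head), &head, sizeof(head));
            break;
        }
        pos += reserved;                        /* skip the reserved area */
    }
    return rc;
}
```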

Defensive priority

high

Recommended defensive actions

  • Apply patches from commits e031c4e562023fd9f199e39fd2e85797e4cbdca9, 16926d5a46934c46e6656246b4fc18385a246900, and 149e8d7ecc4ef8bb00ab4a37fd2ccede6d79e1ca.
  • Upgrade to OP-TEE version 4.11.0 or later.

Evidence notes

The CVE record and details can be found at [cve-org]. The NVD detail page is available at [nvd]. Additional information and patches can be found at [ref-4], [ref-5], [ref-6], and [ref-7].

Official resources

CVE-2026-33317 was published on 2026-04-24T03:16:11.020Z and modified on 2026-06-05T20:21:09.490Z.