CVE-2024-11864

7.5 HIGH

📋 TL;DR

CVE-2024-11864 is a vulnerability in SCP-Firmware where specially crafted SCMI messages can cause a Usage Fault and crash the System Control Processor (SCP). This affects systems using SCP-Firmware up to version 2.15.0, potentially disrupting platform management functions.

💻 Affected Systems

Products:
  • SCP-Firmware
Versions: Up to and including version 2.15.0
Operating Systems: Any OS running on platforms with vulnerable SCP-Firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Affects ARM-based systems using SCP-Firmware for platform management. The vulnerability is in the SCMI message handling component.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete SCP crash leading to loss of system management functions, potential denial of service for platform control features, and possible system instability.

🟠 Likely Case

SCP crash requiring system reboot to restore management functionality, causing temporary service disruption.

🟢 If Mitigated

Limited impact with proper network segmentation and SCMI message validation in place.

🌐 Internet-Facing: LOW - SCP interfaces are typically internal management interfaces not directly internet-exposed.
🏢 Internal Only: MEDIUM - Requires access to internal management network but could be exploited by compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires sending specially crafted SCMI messages to the SCP. This typically requires some level of system access or ability to communicate with the SCP interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: SCP-Firmware version 2.16.0 or later

Vendor Advisory: https://developer.arm.com/Arm%20Security%20Center/SCP-Firmware%20Vulnerability%20CVE-2024-11863-11864

Restart Required: No

Instructions:

1. Download SCP-Firmware version 2.16.0 or later from ARM.
2. Follow vendor-specific firmware update procedures for your platform.
3. Verify the update was successful by checking the firmware version.

🔧 Temporary Workarounds

Network Segmentation

Platform: all

Restrict access to SCP management interfaces to only authorized management systems

SCMI Message Filtering

Platform: all

Implement filtering or validation of SCMI messages at the system level if supported

🧯 If You Can't Patch

  • Implement strict network access controls to SCP interfaces
  • Monitor for abnormal SCMI message patterns or SCP crashes

🔍 How to Verify

Check if Vulnerable:

Check SCP-Firmware version. If version is 2.15.0 or earlier, the system is vulnerable.

Check Version:

Platform-specific command to check SCP-Firmware version (varies by vendor)

Verify Fix Applied:

Verify SCP-Firmware version is 2.16.0 or later after patching.

📡 Detection & Monitoring

Log Indicators:

  • SCP crash logs
  • Usage Fault errors in system logs
  • Abnormal SCMI message patterns

Network Indicators:

  • Unusual SCMI traffic to SCP interfaces

SIEM Query:

Search for 'SCP crash' OR 'Usage Fault' OR 'SCMI error' in system logs
