4 matches found
Nexus 9 vs. Malicious Headphones, Take Two
Nexus 9 vs. Malicious Headphones, Take Two In March 2017 we disclosed CVE-2017-0510, a critical vulnerability in Nexus 9, that allowed for quite unique an attack by malicious headphones. Interestingly, its patch was insufficient. We had responsibly reported that finding CVE-2017-0648 to Google,...
Google Nexus 9 Unauthorized Access to FIQ Debugger(CVE-2017-0510)
Nexus 9 allows unauthorized access to the FIQ debugger via its headphones jack. This allows for sensitive information theft, via malicious headphones, out of any process. Moreover it allows the adversary to reboot the device into HBOOT, which may aid in further exploitation such as accessing...
CVE-2017-0510
An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0510
CVE-2017-0510 describes an elevation-of-privilege vulnerability in the Android kernel FIQ debugger that could allow a local malicious app to execute code in kernel context. Affected: Android on Kernel-3.10 (Nexus 9 cited). Impact: potential local permanent device compromise requiring OS reflashin...