557 matches found
CVE-2017-6289
In Android before the 2018-05-05 security patch level, NVIDIA Trusted Execution Environment TEE contains a memory corruption due to unusual root cause vulnerability, which if run within the speculative execution of the TEE, may lead to local escalation of privileges. This issue is rated as...
CVE-2017-6289
In Android before the 2018-05-05 security patch level, NVIDIA Trusted Execution Environment TEE contains a memory corruption due to unusual root cause vulnerability, which if run within the speculative execution of the TEE, may lead to local escalation of privileges. This issue is rated as...
Google Android has an unspecified vulnerability (CNVD-2018-10037)
Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA for short, and Qualcomm MDM9625 and other central processing unit CPU products from Qualcomm are used in different platforms. A security vulnerability exists in the Qualcomm...
The vulnerability of the Trustlet component of Samsung’s microsoftware and Exynos chips allows a hacker to execute arbitrary code within the Trusted Execution Environment (TEE) and gain access to protected information.
The vulnerability of the Trustlet microprogramming system in Samsung Mobile devices and Exynos chips is related to buffer overflow attacks on the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the TEE Trusted Execution Environment and gain access to...
The vulnerability of the message transfer interface (Qualcomm Trusted Execution Environment) of the Android operating system, which allows a perpetrator to execute arbitrary code
The vulnerability of the message transmission interface Qualcomm Trusted Execution Environment, TEE in the Android operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2018-5210
On Samsung mobile devices with N7.x software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information PIN, password, or pattern. The Samsung ID is SVE-2017-10733...
OP-TEE libMPA Information Disclosure Vulnerability
OP-TEE is a set of open source trusted execution environments. libMPA is one of the dynamic connection libraries. An information disclosure vulnerability exists in the Montgomery portion of libMPA in OP-TEE 2.4.0 and earlier. An attacker can exploit this vulnerability to recover a private key...
CVE-2017-8142
The Trusted Execution Environment TEE module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free UAF vulnerability. An attacker tricks a user into installing a malicious application, and...
CVE-2017-8142
CVE-2017-8142 affects Huawei Mate 9 and Mate 9 Pro devices, where the TEE module driver is vulnerable to a Use-After-Free (UAF). The issue occurs on software versions earlier than MHA-AL00BC00B221 and LON-AL00BC00B221. An attacker can entice a user to install a malicious app that spawns multiple ...
CVE-2017-8142
The Trusted Execution Environment TEE module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free UAF vulnerability. An attacker tricks a user into installing a malicious application, and...
The vulnerability of the Android operating system lies in its lack of access control during user authentication. This allows attackers to replicate previously intercepted responses and use the Trusted Execution Environment (TEE) without being detected.
The vulnerability of the Android operating system is related to deficiencies in access control during user authentication. Exploiting this vulnerability allows a malicious actor to utilize the Trusted Execution Environment TEE without verifying the authenticity of the environment, and to replicat...
CVE-2016-10398
Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...
CVE-2016-10398
Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...
Authentication flaw
Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...
CVE-2016-10398
Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...
The vulnerability of the Android operating system, which allows a hacker to increase their privileges
The vulnerability of the Android operating system arises from the existence of elevated privileges for external components of the TEE. Exploiting this vulnerability allows a malicious actor, operating remotely, to enhance their privileges...
The vulnerability of the Android operating system, which allows a hacker to bypass the certificate verification process
The vulnerability of the Android operating system is related to errors in pointer checking during the execution of system calls for QTEE. Exploiting this vulnerability allows a remote attacker to bypass certificate verification...
Google Android Unauthorized Operation Vulnerability (CNVD-2017-11472)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A security vulnerability exists in Android that stems from a QTEE system call that fails to validate a pointer. An attacker can exploit the vulnerability to perform unauthorized...
Huawei Mobile TEE Module Use After Free Vulnerability
The Mate 9 and Mate 9 Pro are a smartphone from Huawei China. Trusted Execution Environment TEE is a secure area on the main processor of a mobile device The Huawei Mate 9 and Mate 9 Pro phones have an Use After Free UAF security vulnerability in the TEE module. An attacker induces a user to...
The vulnerability of Qualcomm’s TrustZone microprogramming software technology allows a hacker to gain access to local files.
The vulnerability of the TrustZone technology a DRM sub-program of Qualcomm’s Secure Execution Environment for Android from the CAF repository is related to pointer dereferencing errors. Exploiting this vulnerability could allow a remote attacker to gain access to local files...