CVE-2016-10398
CVE-2016-10398 affects Android 6.0 where an authentication bypass exists for attackers with root and physical access. AuthTokens used by the Trusted Execution Environment (TEE) are protected by a weak challenge, enabling replay of captured responses and use of the TEE without authenticating. All ...