The vulnerability of the Trustlet component of Samsung’s microsoftware and Exynos chips allows a hacker to execute arbitrary code within the Trusted Execution Environment (TEE) and gain access to protected information.

The vulnerability of the Trustlet microprogramming system in Samsung Mobile devices and Exynos chips is related to buffer overflow attacks on the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the TEE Trusted Execution Environment and gain access to...

The vulnerability of the message transfer interface (Qualcomm Trusted Execution Environment) of the Android operating system, which allows a perpetrator to execute arbitrary code

The vulnerability of the message transmission interface Qualcomm Trusted Execution Environment, TEE in the Android operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2018-5210

On Samsung mobile devices with N7.x software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information PIN, password, or pattern. The Samsung ID is SVE-2017-10733...

OP-TEE libMPA Information Disclosure Vulnerability

OP-TEE is a set of open source trusted execution environments. libMPA is one of the dynamic connection libraries. An information disclosure vulnerability exists in the Montgomery portion of libMPA in OP-TEE 2.4.0 and earlier. An attacker can exploit this vulnerability to recover a private key...

CVE-2017-8142

The Trusted Execution Environment TEE module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free UAF vulnerability. An attacker tricks a user into installing a malicious application, and...

CVE-2017-8142

CVE-2017-8142 affects Huawei Mate 9 and Mate 9 Pro devices, where the TEE module driver is vulnerable to a Use-After-Free (UAF). The issue occurs on software versions earlier than MHA-AL00BC00B221 and LON-AL00BC00B221. An attacker can entice a user to install a malicious app that spawns multiple ...

CVE-2017-8142

The Trusted Execution Environment TEE module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free UAF vulnerability. An attacker tricks a user into installing a malicious application, and...

The vulnerability of the Android operating system lies in its lack of access control during user authentication. This allows attackers to replicate previously intercepted responses and use the Trusted Execution Environment (TEE) without being detected.

The vulnerability of the Android operating system is related to deficiencies in access control during user authentication. Exploiting this vulnerability allows a malicious actor to utilize the Trusted Execution Environment TEE without verifying the authenticity of the environment, and to replicat...

CVE-2016-10398

Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...

CVE-2016-10398

Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...

Authentication flaw

Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...

CVE-2016-10398

Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...

The vulnerability of the Android operating system, which allows a hacker to bypass the certificate verification process

The vulnerability of the Android operating system is related to errors in pointer checking during the execution of system calls for QTEE. Exploiting this vulnerability allows a remote attacker to bypass certificate verification...

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Android operating system arises from the existence of elevated privileges for external components of the TEE. Exploiting this vulnerability allows a malicious actor, operating remotely, to enhance their privileges...

Google Android Unauthorized Operation Vulnerability (CNVD-2017-11472)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A security vulnerability exists in Android that stems from a QTEE system call that fails to validate a pointer. An attacker can exploit the vulnerability to perform unauthorized...

Huawei Mobile TEE Module Use After Free Vulnerability

The Mate 9 and Mate 9 Pro are a smartphone from Huawei China. Trusted Execution Environment TEE is a secure area on the main processor of a mobile device The Huawei Mate 9 and Mate 9 Pro phones have an Use After Free UAF security vulnerability in the TEE module. An attacker induces a user to...

The vulnerability of Qualcomm’s TrustZone microprogramming software technology allows attackers to enhance their privileges.

The vulnerability of the TrustZone technology a DRM sub-program of Qualcomm’s Secure Execution Environment for Android from the CAF repository is related to numerical processing errors. Exploiting this vulnerability could allow a remote attacker to gain increased privileges...

The vulnerability of the TrustZone technology (QFPROM mode of Qualcomm Secure Execution Environment) allows for breaches of the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the TrustZone technology QFPROM mode of Qualcomm Secure Execution Environment for Android from the CAF repository arises due to synchronization errors when using a common resource. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality,...

The vulnerability of Qualcomm’s TrustZone microprogramming software technology allows for breaches of the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the TrustZone technology snooping mode of Qualcomm’s Secure Execution Environment for Android, as found in the CAF repository, stems from synchronization errors when using a common resource. Exploiting this vulnerability could allow a malicious actor, operating remotely, to...

The vulnerability of Qualcomm Secure Execution Environment’s microprogramming software allows a perpetrator to gain access to the protected memory of the trusted application.

The vulnerability of Qualcomm Secure Execution Environment for Android, originating from the CAF repository, arises from the lack of use of the HLOS mechanism during the transfer of general content to secure memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to...