The vulnerability of Qualcomm’s TrustZone microprogramming software technology allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the TrustZone technology’s authentication mode for Qualcomm Secure Execution Environment for Android, as found in the CAF repository, stems from synchronization errors when using a common resource. Exploiting this vulnerability could allow an attacker operating remotely to...

The vulnerability of the HLOS component of Qualcomm Secure Execution Environment allows a perpetrator to gain access to kernel modules beyond their authorized scope.

The vulnerability of the HLOS microprogramming software component of Qualcomm Secure Execution Environment for Android exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to kernel modules beyond their authorize...

The vulnerability of Qualcomm Secure Execution Environment’s microprogramming software allows a perpetrator to circumvent existing access control policies.

The vulnerability of Qualcomm Secure Execution Environment for Android, found in the CAF repository, is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to circumvent existing access control policies through improper page alignment...

The vulnerability of Qualcomm’s TrustZone microprogramming software technology allows a hacker to gain access to local files.

The vulnerability of the TrustZone technology a DRM sub-program of Qualcomm’s Secure Execution Environment for Android from the CAF repository is related to pointer dereferencing errors. Exploiting this vulnerability could allow a remote attacker to gain access to local files...

The vulnerability of the OEM microprogramming software component of Qualcomm Secure Execution Environment allows a perpetrator to trigger a service failure or exert other effects on the system.

The vulnerability of the OEM microprogramming software component of Qualcomm Secure Execution Environment for Android, originating from the CAF repository, is related to buffer overflow attacks. Exploiting this vulnerability can allow a malicious actor to trigger service failures or cause other...

The vulnerability of Qualcomm’s TrustZone microprogramming software technology allows a intruder to trigger a service failure or exert other effects on the system.

The vulnerability of the TrustZone technology a DRM sub-program of Qualcomm’s Secure Execution Environment for Android, as found in the CAF repository, stems from buffer overflow attacks. Exploiting this vulnerability could allow a malicious actor to cause system failures or other adverse effects...

RW-4040 tool to verify execution environment may insecurely load Dynamic Link Libraries

Overview RW-4040 tool to verify execution environment for IC Card Reader/Writer devices provided by Sharp Corporation contains an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation and BlackWingCat of...

JVN#51274854: Multiple software for Sharp IC Card Reader/Writer Devices may insecurely load Dynamic Link Libraries

The tool to verify execution environment and the driver installer for IC Card Reader/Writer devices provided by Sharp Corporation contain an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege o...

CVE-2017-0613

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process...

CVE-2017-0614

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process...

CVE-2017-0614

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process...

Privilege escalation

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process...

CVE-2017-0614

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process...

CVE-2017-0613

CVE-2017-0613 is a local elevation-of-privilege flaw in the Qualcomm Secure Execution Environment Communicator driver affecting Android, enabling a non-privileged, user-space process to gain arbitrary code execution in the kernel if a privileged process is first compromised. Affected kernel versi...

CVE-2017-0612

CVE-2017-0612 describes an elevation of privilege in the Qualcomm Secure Execution Environment Communicator driver on Android kernel 3.18. A local malicious application could exploit this to execute arbitrary code in the kernel context after compromising a privileged process. The vulnerability is...

CVE-2017-0614

CVE-2017-0614 describes an elevation of privilege in the Qualcomm Secure Execution Environment Communicator driver on Android. The issue could allow a local malicious application to execute arbitrary code in the kernel context. Affected software/components: Android devices using Kernel-3.10 and K...

Google Android Qualcomm Secure Execution Environment Communicator Driver elevation of privilege vulnerability (CNVD-2017-07362)

Android on Nexus 5X, etc. is an open source Linux-based operating system for Nexus 5X and other smart devices developed by Google and the Open Handheld Alliance OHA.The Qualcomm Secure Execution Environment QSE is an interface that provides communication between the user space and the Qualcomm...

Google Android Qualcomm Secure Execution Environment Communicator Driver elevation of privilege vulnerability (CNVD-2017-07361)

Android on Nexus 5X, etc. is an open source Linux-based operating system for Nexus 5X and other smart devices developed by Google and the Open Handheld Alliance OHA.The Qualcomm Secure Execution Environment QSE is an interface used to provide communication between the user space and the Qualcomm...

Google Android Qualcomm Secure Execution Environment Communicator Driver Elevation of Privilege Vulnerability

Android on Nexus 5X, etc. is an open source Linux-based operating system for Nexus 5X and other smart devices developed by Google and the Open Handheld Alliance OHA.The Qualcomm Secure Execution Environment QSE is an interface used to provide communication between the user space and the Qualcomm...

The vulnerability of the Android operating system, which allows a hacker to obtain extended privileges

The vulnerability of the Android operating system lies in the fact that when a secure application based on Qualcomm Secure Execution Environment receives a memory cell address, it does not undergo verification to ensure that the address belongs to the user’s memory space, rather than the kernel’s...