Lucene search
K

195 matches found

ATTACKERKB
ATTACKERKB
added 2022/08/10 8:15 p.m.3 views

CVE-2021-40040

Vulnerability of writing data to an arbitrary address in the HWKEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality...

7.5CVSS5.9AI score0.0046EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.7 views

HUAWEI EMUI和Magic UI 安全漏洞

Huawei EMUI is a mobile operating system developed on Android. Huawei Magic UI is a smart device operating system. Huawei EMUI and Magic UI are vulnerable to an information disclosure vulnerability that originates from the issue of writing data to an arbitrary address in the HWKEYMASTER module,...

7.5CVSS6.3AI score0.0046EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/08/09 8:11 p.m.6 views

CVE-2021-40040

Vulnerability of writing data to an arbitrary address in the HWKEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality...

5.9AI score0.0046EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.7 views

PT-2022-11162 · Unknown · Hw Keymaster

Name of the Vulnerable Software and Affected Versions: HW KEYMASTER module affected versions not specified Description: The issue concerns the HW KEYMASTER module, where there is a vulnerability related to writing data to an arbitrary address. This could potentially impact confidentiality if...

7.5CVSS7.4AI score0.0046EPSS
Exploits0References3
CNVD
CNVD
added 2022/04/01 12:0 a.m.14 views

Google Android Elevation of Privilege Vulnerability (CNVD-2022-43859)

Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which stems from a lack of boundary checking in Keymaster that could result in out-of-bounds writes. An attacker could exploit this vulnerability to cau...

7.8CVSS4.2AI score0.00107EPSS
Exploits0References1
NVD
NVD
added 2022/03/30 4:15 p.m.23 views

CVE-2021-39741

In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-173567719...

7.8CVSS0.00107EPSS
Exploits0References1
OSV
OSV
added 2022/03/30 4:15 p.m.4 views

CVE-2021-39741

In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-173567719...

7.8CVSS5.9AI score0.00107EPSS
Exploits0References1
Prion
Prion
added 2022/03/30 4:15 p.m.18 views

Out-of-bounds

In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-173567719...

4.6CVSS7.8AI score0.00107EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/03/30 4:2 p.m.98 views

CVE-2021-39741

CVE-2021-39741 affects the Android Keymaster component on Android 12L, with an out-of-bounds write caused by a missing bounds check. This leads to local elevation of privilege with System execution privileges required; no user interaction is needed. The issue is listed in Android 12L security rel...

7.8CVSS7.9AI score0.00107EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/30 4:2 p.m.23 views

CVE-2021-39741

In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-173567719...

8.2AI score0.00107EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/03/30 12:0 a.m.4 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which stems from a lack of boundary checking in Keymaster that could result in out-of-bounds writes. An attacker could exploit this vulnerability to cau...

7.8CVSS5.7AI score0.00107EPSS
Exploits0References2
NVD
NVD
added 2021/10/06 6:15 p.m.26 views

CVE-2021-25490

A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process...

6CVSS0.00751EPSS
Exploits0References1
OSV
OSV
added 2021/10/06 6:15 p.m.4 views

CVE-2021-25490

A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process...

6CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2021/10/06 6:15 p.m.18 views

Code injection

A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process...

3.6CVSS5.9AI score0.00751EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/10/06 5:10 p.m.58 views

CVE-2021-25490

CVE-2021-25490 documents a keyblob downgrade attack in Samsung’s Keymaster TA (TrustZone) that enables triggering IV reuse with a privileged process. The root cause is related to the legacy keyblob/blob implementation in Keymaster, allowing misuse of initialization vectors. Affected devices inclu...

6CVSS6.1AI score0.00751EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/10/06 12:0 a.m.5 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Oct-2021 Release 1, which stems from a keyblob degradation attack in keymaster...

6CVSS6.4AI score0.00751EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/10/06 12:0 a.m.10 views

PT-2021-16680 · Keymaster · Keymaster

Name of the Vulnerable Software and Affected Versions: keymaster versions prior to SMR Oct-2021 Release 1 Description: A keyblob downgrade attack in keymaster allows an attacker to trigger an IV reuse issue with a privileged process. Recommendations: For versions prior to SMR Oct-2021 Release 1,...

6CVSS5.8AI score0.00751EPSS
Exploits0References3
OSV
OSV
added 2021/08/05 8:15 p.m.3 views

CVE-2021-25444

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process...

5.5CVSS5.8AI score0.00757EPSS
Exploits0References1
NVD
NVD
added 2021/08/05 8:15 p.m.27 views

CVE-2021-25444

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process...

5.5CVSS0.00757EPSS
Exploits0References1
Prion
Prion
added 2021/08/05 8:15 p.m.23 views

Design/Logic Flaw

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process...

2.1CVSS5.4AI score0.00757EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder