657 matches found
OP-TEE has an unspecified vulnerability
OP-TEE is an open source trusted execution environment. A security vulnerability exists in the LibTomCrypt code in OP-TEE 2.4.0 and earlier versions. The vulnerability can be exploited by an attacker to recover private keys...
Multiple vulnerabilities in the Intel Trusted Execution Engine (TXE) subsystem of the Platform Controller Hub family of microcontrollers, which allow attackers to enhance their privileges
The multiple vulnerabilities of the Intel Trusted Execution Engine TXE subsystem in microprogramming software of the Platform Controller Hub PCH family, which serve as south bridges, are caused by buffer overflows. These vulnerabilities are related to deficiencies in access control. Exploitation ...
Multiple vulnerabilities in the Intel Trusted Execution Engine (TXE) subsystem of the Platform Controller Hub family of microprogramming devices, which allow unauthorized code to be executed
The multiple vulnerabilities of the Intel Trusted Execution Engine TXE subsystem in microprogramming software of the Platform Controller Hub PCH family, which serve as south bridges, are caused by buffer overflows. Exploitation of these vulnerabilities could allow an attacker to execute unsigned...
CVE-2017-8142
The Trusted Execution Environment TEE module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free UAF vulnerability. An attacker tricks a user into installing a malicious application, and...
CVE-2017-8142
CVE-2017-8142 affects Huawei Mate 9 and Mate 9 Pro devices, where the TEE module driver is vulnerable to a Use-After-Free (UAF). The issue occurs on software versions earlier than MHA-AL00BC00B221 and LON-AL00BC00B221. An attacker can entice a user to install a malicious app that spawns multiple ...
CVE-2017-8142
The Trusted Execution Environment TEE module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free UAF vulnerability. An attacker tricks a user into installing a malicious application, and...
Multiple Local Buffer Overflow Vulnerabilities in Intel Trusted Execution Engine
Intel Trusted Execution Engine Firmware is a trusted execution engine firmware product. Intel Trusted Execution Engine has multiple local buffer overflow vulnerabilities. The vulnerabilities could be exploited by an attacker with local access rights to execute arbitrary code...
Multiple Local Elevation of Privilege Vulnerabilities in Intel Trusted Execution Engine
Intel Trusted Execution Engine Firmware is a trusted execution engine firmware product. Intel Trusted Execution Engine has multiple local elevation of privilege vulnerabilities. An attacker could exploit this vulnerability to access privileged content...
Intel Patches CPU Bugs Impacting Millions of Devices
Intel released patches on Monday to protect millions of PCs and servers from vulnerabilities found in its Management Engine, Trusted Execution Engine and Server Platform Services that could allow local attackers elevate privileges, run arbitrary code, crash systems and eavesdrop on communications...
CVE-2017-5710
Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector...
Buffer overflow
Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code...
CVE-2017-5710
Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector...
CVE-2017-5710
Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector...
CVE-2017-5707
Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code...
CVE-2017-5707
Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code...
CVE-2017-5710
CVE-2017-5710 describes multiple privilege escalations in Intel Trusted Execution Engine (TXE) Firmware 3.0 kernels that allow an unauthorized process to access privileged content via an unspecified vector. The incident is tied to TXE alongside other Intel ME/SPS vulnerabilities (Intel-SA-00086 f...
CVE-2017-5707
CVE-2017-5707 corresponds to multiple kernel-level buffer overflows in Intel Trusted Execution Engine Firmware 3.0 that allow a local attacker to execute arbitrary code. The vulnerability is rooted in buffer overflow issues within the TXE kernel, with exploitation requiring local system access. T...
Intel Firmware Vulnerability
Intel has released recommendations to address vulnerabilities in the firmware of the following Intel products: Management Engine, Server Platform Services, and Trusted Execution Engine. An attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourag...
The vulnerability of the Android operating system lies in its lack of access control during user authentication. This allows attackers to replicate previously intercepted responses and use the Trusted Execution Environment (TEE) without being detected.
The vulnerability of the Android operating system is related to deficiencies in access control during user authentication. Exploiting this vulnerability allows a malicious actor to utilize the Trusted Execution Environment TEE without verifying the authenticity of the environment, and to replicat...
CVE-2016-10398
Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...