Lucene search
K

657 matches found

CNVD
CNVD
added 2018/01/04 12:0 a.m.6 views

OP-TEE has an unspecified vulnerability

OP-TEE is an open source trusted execution environment. A security vulnerability exists in the LibTomCrypt code in OP-TEE 2.4.0 and earlier versions. The vulnerability can be exploited by an attacker to recover private keys...

7.5CVSS7.2AI score0.01925EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/12/07 12:0 a.m.7 views

Multiple vulnerabilities in the Intel Trusted Execution Engine (TXE) subsystem of the Platform Controller Hub family of microcontrollers, which allow attackers to enhance their privileges

The multiple vulnerabilities of the Intel Trusted Execution Engine TXE subsystem in microprogramming software of the Platform Controller Hub PCH family, which serve as south bridges, are caused by buffer overflows. These vulnerabilities are related to deficiencies in access control. Exploitation ...

7.5CVSS7.8AI score0.00609EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/12/05 12:0 a.m.7 views

Multiple vulnerabilities in the Intel Trusted Execution Engine (TXE) subsystem of the Platform Controller Hub family of microprogramming devices, which allow unauthorized code to be executed

The multiple vulnerabilities of the Intel Trusted Execution Engine TXE subsystem in microprogramming software of the Platform Controller Hub PCH family, which serve as south bridges, are caused by buffer overflows. Exploitation of these vulnerabilities could allow an attacker to execute unsigned...

8.2CVSS8AI score0.00649EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2017/11/22 7:29 p.m.4 views

CVE-2017-8142

The Trusted Execution Environment TEE module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free UAF vulnerability. An attacker tricks a user into installing a malicious application, and...

7.8CVSS6AI score0.01067EPSS
Exploits0References1
CVE
CVE
added 2017/11/22 7:0 p.m.59 views

CVE-2017-8142

CVE-2017-8142 affects Huawei Mate 9 and Mate 9 Pro devices, where the TEE module driver is vulnerable to a Use-After-Free (UAF). The issue occurs on software versions earlier than MHA-AL00BC00B221 and LON-AL00BC00B221. An attacker can entice a user to install a malicious app that spawns multiple ...

9.3CVSS8AI score0.01067EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/11/22 7:0 p.m.26 views

CVE-2017-8142

The Trusted Execution Environment TEE module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free UAF vulnerability. An attacker tricks a user into installing a malicious application, and...

8AI score0.01067EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/22 12:0 a.m.6 views

Multiple Local Buffer Overflow Vulnerabilities in Intel Trusted Execution Engine

Intel Trusted Execution Engine Firmware is a trusted execution engine firmware product. Intel Trusted Execution Engine has multiple local buffer overflow vulnerabilities. The vulnerabilities could be exploited by an attacker with local access rights to execute arbitrary code...

7.8CVSS8AI score0.00649EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/22 12:0 a.m.4 views

Multiple Local Elevation of Privilege Vulnerabilities in Intel Trusted Execution Engine

Intel Trusted Execution Engine Firmware is a trusted execution engine firmware product. Intel Trusted Execution Engine has multiple local elevation of privilege vulnerabilities. An attacker could exploit this vulnerability to access privileged content...

7.8CVSS7.3AI score0.00609EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/11/21 3:3 p.m.34 views

Intel Patches CPU Bugs Impacting Millions of Devices

Intel released patches on Monday to protect millions of PCs and servers from vulnerabilities found in its Management Engine, Trusted Execution Engine and Server Platform Services that could allow local attackers elevate privileges, run arbitrary code, crash systems and eavesdrop on communications...

9CVSS2.2AI score0.04407EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2017/11/21 2:29 p.m.24 views

CVE-2017-5710

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector...

7.8CVSS7.3AI score0.00609EPSS
Exploits0References2
Prion
Prion
added 2017/11/21 2:29 p.m.17 views

Buffer overflow

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code...

7.2CVSS7.7AI score0.00649EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2017/11/21 2:29 p.m.1 views

CVE-2017-5710

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector...

7.8CVSS5.8AI score0.00609EPSS
Exploits0References6
NVD
NVD
added 2017/11/21 2:29 p.m.22 views

CVE-2017-5710

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector...

7.8CVSS7AI score0.00609EPSS
Exploits0References6
OSV
OSV
added 2017/11/21 2:29 p.m.3 views

CVE-2017-5707

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code...

7.8CVSS6.3AI score0.00649EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2017/11/21 2:29 p.m.26 views

CVE-2017-5707

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code...

7.8CVSS7.4AI score0.00649EPSS
Exploits0References2
CVE
CVE
added 2017/11/21 2:0 p.m.59 views

CVE-2017-5710

CVE-2017-5710 describes multiple privilege escalations in Intel Trusted Execution Engine (TXE) Firmware 3.0 kernels that allow an unauthorized process to access privileged content via an unspecified vector. The incident is tied to TXE alongside other Intel ME/SPS vulnerabilities (Intel-SA-00086 f...

7.8CVSS6.9AI score0.00609EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2017/11/21 2:0 p.m.74 views

CVE-2017-5707

CVE-2017-5707 corresponds to multiple kernel-level buffer overflows in Intel Trusted Execution Engine Firmware 3.0 that allow a local attacker to execute arbitrary code. The vulnerability is rooted in buffer overflow issues within the TXE kernel, with exploitation requiring local system access. T...

7.8CVSS7.2AI score0.00649EPSS
Exploits0References7Affected Software1
CISA
CISA
added 2017/11/21 12:0 a.m.17 views

Intel Firmware Vulnerability

Intel has released recommendations to address vulnerabilities in the firmware of the following Intel products: Management Engine, Server Platform Services, and Trusted Execution Engine. An attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourag...

7.1AI score
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/08/03 12:0 a.m.8 views

The vulnerability of the Android operating system lies in its lack of access control during user authentication. This allows attackers to replicate previously intercepted responses and use the Trusted Execution Environment (TEE) without being detected.

The vulnerability of the Android operating system is related to deficiencies in access control during user authentication. Exploiting this vulnerability allows a malicious actor to utilize the Trusted Execution Environment TEE without verifying the authenticity of the environment, and to replicat...

7.2CVSS6.4AI score0.0019EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/07/17 1:18 p.m.20 views

CVE-2016-10398

Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...

7.2CVSS6.4AI score0.0019EPSS
Exploits0References1
Rows per page
Query Builder