Lucene search
K

649 matches found

0day.today
0day.today
added 2016/12/13 12:0 a.m.22 views

Samsung Devices KNOX Extensions - OTP Service Heap Overflow Exploit

Exploit for Android platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=935 As a part of the KNOX extensions available on Samsung devices, Samsung provides a new service which allows the generation of OTP tokens. The tokens themselves are generated i...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2016/12/13 12:0 a.m.33 views

Samsung Devices KNOX Extensions - OTP Service Heap Overflow

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=935 As a part of the KNOX extensions available on Samsung devices, Samsung provides a new service which allows the generation of OTP tokens. The tokens themselves are generated in a TrustZone application within the TEE UID:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/12/13 12:0 a.m.23 views

Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=938 As a part of the KNOX extensions available on Samsung devices, Samsung provides a TrustZone trustlet which allows the generation of OTP tokens. The tokens themselves are generated in a TrustZone application within the TEE UID...

7.4AI score
Exploits0
CNVD
CNVD
added 2016/11/28 12:0 a.m.25 views

Security Bypass Vulnerability in Huawei's Secure Storage Trusted Application for Some Phones

Huawei P9, P9 Lite, P8 Lite are Huawei smartphones. A security bypass vulnerability exists in the Secure Storage Trusted App SSTA of some Huawei phones. An attacker who has gained root privileges on Android can exploit the vulnerability to read and write user-state memory data in any location in...

6.4CVSS6.9AI score0.00213EPSS
Exploits0References1
CNVD
CNVD
added 2016/11/28 12:0 a.m.4 views

Privilege elevation vulnerability in TrustZone driver for some Huawei phones

Huawei P9, P9 Lite, P8 Lite are Huawei smartphones. An elevation of privilege vulnerability exists in the TrustZone driver of some Huawei phones. An attacker may trick users into installing a malicious application, and the application can exploit the vulnerability to send specific parameters to t...

9.3CVSS7AI score0.00751EPSS
Exploits0References1
CNVD
CNVD
added 2016/11/28 12:0 a.m.7 views

Denial of Service Vulnerability in TrustZone Driver for Some Huawei Phones

Huawei P9, P9 Lite, P8 Lite are Huawei smartphones. A denial of service vulnerability exists in the TrustZone driver of some Huawei phones. An attacker can trick users into installing a malicious application, and the application exploits the vulnerability to pass specific parameters to the...

5CVSS6.7AI score0.00204EPSS
Exploits0References1
Huawei
Huawei
added 2016/11/23 12:0 a.m.41 views

Security Advisory - Multiple Security Vulnerabilities in Huawei Smart Phone Products

The TrustZone driver of some Huawei smart phone products has an input validation vulnerability. An attacker may trick the target user into installing a malicious APP which could exploit this vulnerability to pass specific parameters to the TrustZone driver. Successful exploit could cause the syst...

9.3CVSS5.8AI score0.00751EPSS
Exploits0Affected Software3
myhack58
myhack58
added 2016/07/07 12:0 a.m.24 views

Vulnerability can bypass the encryption endanger the majority of android devices-vulnerability warning-the black bar safety net

! Chip manufacturer Qualcomm mobile processors in the presence of a vulnerability,the vulnerability exists in 6 0% of the android phone,the attacker can use it to hack the device in the full-disk encryption. All running the Qualcomm processor android device only 1 0% can be from this attack. Duo...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2016/07/05 2:44 p.m.29 views

Encryption Bypass Vulnerability Impact Half Android Devices

A flaw in chipmaker Qualcomm’s mobile processor, used in 60 percent of Android mobiles, allows attackers to crack full disk encryption on the device. Only 10 percent of Android devices running Qualcomm processors are not vulnerable to this type of attack. Researchers at Duo Labs said the...

9.3CVSS0.5AI score0.01782EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2016/07/01 5:25 a.m.66 views

How to Crack Android Full Disk Encryption on Qualcomm Devices

The heated battle between Apple and the FBI provoked a lot of talk about Encryption – the technology that has been used to keep all your bits and bytes as safe as possible. We can not say a lot about Apple's users, but Android users are at severe risk when it comes to encryption of their personal...

9.3CVSS8.3AI score0.06906EPSS
Exploits3
ThreatPost
ThreatPost
added 2016/06/17 2:40 p.m.11 views

Google's Android Rewards Program Pays Out Half Million in First Year

Google wrapped up the first year of its Android Security Rewards program this week, a span of time that saw the company pay out just north of half a million dollars to security researchers who helped identify vulnerabilities in the mobile operating system. In all, the company paid 82 researchers ...

7.6AI score
Exploits0References5
myhack58
myhack58
added 2016/06/11 12:0 a.m.22 views

Qualcomm secure execution environment of high-risk vulnerabilities affecting the global six into outstanding device-the vulnerability warning-the black bar safety net

! Qualcomm secure execution environment Qualcomm Secure Execution Environment, QSEE in a key mention of the right to exploit Elevation of Privilege, EOP still affect the world about six into the Android device. While the vulnerability earlier had been a repair. The root of the problem is that...

Exploits0
ThreatPost
ThreatPost
added 2016/05/19 1:8 p.m.35 views

Android Qualcomm Vulnerability Impacts 60 Percent of Devices

A flaw in mobile chip maker Qualcomm’s mobile processor, used in 60 percent of Android devices, allows attackers to take control over a targeted phone or tablet under specific conditions. Researchers at Duo Labs said the vulnerability is tied to Android’s problem-plagued mediaserver, coupled with...

9.3CVSS1AI score0.06906EPSS
Exploits3References3
BDU FSTEC
BDU FSTEC
added 2016/05/12 12:0 a.m.8 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Qualcomm TrustZone-based Android operating system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to enhance their privileges through a specially created application...

9.3CVSS7.2AI score0.0039EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/05/12 12:0 a.m.11 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Qualcomm TrustZone-based Android operating system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to enhance their privileges through a specially created application...

9.3CVSS7.5AI score0.01782EPSS
Exploits0References2Affected Software1
myhack58
myhack58
added 2016/05/11 12:0 a.m.58 views

From 0 to TrustZone in the second article: the QSEE mention the right vulnerability and the use of CVE-2 0 1 5-6 6 3 9-a vulnerability warning-the black bar safety net

! In this article, we discuss how to find and exploit a vulnerability, access to Qualcomm secure execution environmentQSEEof the code execute permissions. Related reading From 0 to TrustZone first article: explore the high-pass SEE safe executable environment QSEE attack surface In a previous...

0.3AI score
Exploits0
OSV
OSV
added 2016/05/09 10:59 a.m.3 views

CVE-2016-2432

The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059...

7.8CVSS7.3AI score0.0039EPSS
Exploits0References1
NVD
NVD
added 2016/05/09 10:59 a.m.17 views

CVE-2016-2432

The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059...

9.3CVSS7.5AI score0.0039EPSS
Exploits0References1
NVD
NVD
added 2016/05/09 10:59 a.m.26 views

CVE-2016-2431

The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 2013, and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 24968809...

9.3CVSS7.5AI score0.01782EPSS
Exploits0References1
OSV
OSV
added 2016/05/09 10:59 a.m.3 views

CVE-2016-2431

The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 2013, and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 24968809...

7.8CVSS5.8AI score0.01782EPSS
Exploits0References1
Rows per page
Query Builder