PT-2017-3664 · Google+1 · Android+1

Publicado

2017-04-25

·

Atualizado

2019-10-03

·

CVE-2017-8274

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Android versions prior to security patch level 2018-04-05
Description: An access control issue exists in the Core of Android, related to the Qualcomm Trusted Execution Environment component. This issue is associated with inadequate access control, which could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations: For Android versions prior to security patch level 2018-04-05, apply the security patch level 2018-04-05 or later to resolve the issue.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

BDU:2018-00853
CVE-2017-8274

Produtos afetados

Android
Qualcomm Trusted Execution Environment