CVE-2017-11010

Name of the Vulnerable Software and Affected Versions Android versions prior to 2018-01-05

Description The issue is related to insufficient access control in the Qualcomm Trusted Execution Environment component of the Android operating system. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. The problem is specifically related to an unprotected configuration space.

Recommendations For Android versions prior to 2018-01-05, consider restricting access to sensitive configuration spaces until a patch or update is available. As a temporary workaround, limiting the functionality that relies on the Qualcomm Trusted Execution Environment may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.