CVE-2022-25333

Name of the Vulnerable Software and Affected Versions Texas Instruments OMAP L138 (secure variants) (affected versions not specified)

Description The trusted execution environment (TEE) of the Texas Instruments OMAP L138 (secure variants) has a security issue. When loading a module through the SK LOAD routine, it performs an RSA check, but only validates the module header authenticity. This allows an adversary to reuse a correctly signed header and append a forged payload. The payload can be encrypted using the CEK to achieve arbitrary code execution in a secure context, breaking the TEE security architecture.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.