Missing Recovery PIN Feature in aboot Implementation on Nexus 6P Devices

Missing Recovery PIN Feature in aboot Implementation on Nexus 6P Devices

CVE-2015-8889 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The aboot implementation in the Qualcomm components in Android before 2016-07-05 on Nexus 6P devices omits the recovery PIN feature, which has unspecified impact and attack vectors, aka Android internal bug 28822677 and Qualcomm internal bug CR804067.

Learn more about our Cis Benchmark Audit For Google Android.