Widevine Trusted Application Vulnerability: Information Disclosure via Kernel Access

CVE-2016-0825 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039.

Learn more about our Cis Benchmark Audit For Google Android.