Widevine Trusted Application Vulnerability: Information Disclosure via Kernel Access
CVE-2016-0825 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039.
Learn more about our Cis Benchmark Audit For Google Android.