Vulnerability: Denial of Service (DoS) Attack via Widevine App API in Snapdragon Devices

Vulnerability: Denial of Service (DoS) Attack via Widevine App API in Snapdragon Devices

CVE-2017-18292 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

Secure app running in non secure space can restart TZ by calling Widevine app API repeatedly in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A.

Learn more about our Api Penetration Testing.