Bypassing GPIO Protection via Banked GPIO Registers in Snapdragon Mobile and Wear Devices

Bypassing GPIO Protection via Banked GPIO Registers in Snapdragon Mobile and Wear Devices

CVE-2017-18293 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.

Learn more about our Mobile App Penetration Testing.