Exploit: XBL sec mem dump system call enables full control of EL3 in Snapdragon Mobile and Wear devices

Exploit: XBL sec mem dump system call enables full control of EL3 in Snapdragon Mobile and Wear devices

CVE-2017-18305 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835.

Learn more about our Mobile App Penetration Testing.