Improper Access Control in XBL_LOADER Module Leads to ZI Region Clear Vulnerability in Snapdragon Mobile (SD 845, SD 850)

CVE-2018-11951 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:C/A:N

Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850.

Learn more about our Mobile App Penetration Testing.