Array Out of Bounds Vulnerability in TZ Function of Snapdragon Mobile and Wear Devices

Array Out of Bounds Vulnerability in TZ Function of Snapdragon Mobile and Wear Devices

CVE-2018-5914 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.

Learn more about our Mobile App Penetration Testing.