CVE-2015-9166 in Androidinformación

Resumen

por MITRE

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, DRM provisioning mechanisms used in QSEE applications have a feature to prevent further provisioning. This is done by creating an SFS file called 'finalize_prov_flag.data' at the end of provisioning. When this feature is enabled, provisioning calls check for the existence of the file in order to decide whether to do provisioning or not. Current implementation allows provisioning without sufficient checks.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

2017-08-16

Divulgación

2018-04-18

Moderación

aceptado

Artículo

VDB-116413

CPE

listo

EPSS

0.00743

KEV

no

Actividades

muy bajo

Sector

Police, Lawfirm, ...

Fuentes

MITREhttps://www.cve.org/CVERecord?id=CVE-2015-9166
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2015-9166
CVE Detailshttps://www.cvedetails.com/cve/CVE-2015-9166/

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!