This page lists the public CVEs assigned to various vulnerabilities:
April 2024
- CVE-2024-22004 – High – Google
Unchecked length in a Trusted Application on Google Nest Wifi Pro, leading to an out of bounds read.
October 2023
- CVE-2023-3487 – High 7.8 – Silicon Labs
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots.
- CVE-2023-3488 – Med 5.5 – Silicon Labs
Uninitialized buffer in the GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows an attacker to leak data from the Secure stack via a malformed GBL file.
July 2023
- CVE-2023-20753 – Med 6.7 – MediaTek
In RPMB TA, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-20754 – High 7.0 – MediaTek
In KeyInstall Trusted Application, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. (Android Security Acknowledgements)
May 2023
- CVE-2023-28753 – Crit 9.8 – Facebook
netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data. (Facebook Security Advisory)
- CVE-2023-20709 – Med 4.4 – MediaTek
In KeyInstall Trusted Application, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
April 2023
- CVE-2022-32599 – Med 6.7 – MediaTek
In RPMB Trusted Application, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
December 2022
- CVE-2022-32594 – Med 6.7 – MediaTek
In Widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Also related: CVE-2022-32594, CVE-2022-32596, CVE-2022-32597 and CVE-2022-32598. (Android Security Bulletin)
August 2022
- CVE-2022-33172 – Med 5.5 – BSI
de.fac2 1.34 Smart Card solution allows bypassing the User Presence protection mechanism when there is malware on the victim’s PC.
June 2022
- CVE-2022-31026 – Med 5.9 – GitHub
Use of Uninitialized Variable in trilogy. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory.
January 2022
- CVE-2022-22271 – Med 5.5 – Samsung
Vulnerability in Samsung S21 TIMA TA on TEEGRIS.
A missing input validation before memory copy in TIMA trustlet prior to SMR Jan-2022 Release 1 allows attackers to copy data from arbitrary memory.
November 2020
- CVE-2020-13832 – Crit 9.8 – Samsung
An issue was discovered on Samsung mobile devices with Q(10.0) (with TEEGRIS on Exynos chipsets) software. The Widevine Trustlet allows arbitrary code execution because of multiple memory disclosure and memory corruption vulnerabilities. The Samsung IDs are SVE-2020-17117, SVE-2020-17118, SVE-2020-17119, and SVE-2020-17161 (June 2020).
October 2020
- CVE-2020-0283 – Crit 9.1 – MediaTek
There is a possible out of bounds write in KeyInstall component due to a missing bounds check. (Android Security Bulletin)
- CVE-2020-0371 – Crit 9.1 – MediaTek
There is a possible out of bounds read in KeyInstall component due to a missing bounds check. (Android Security Bulletin)
- CVE-2020-0367 – Crit 9.1 – MediaTek
There is a possible out of bounds write in Widevine component due to a missing bounds check. (Android Security Bulletin)
- CVE-2020-0339 – Crit 9.1 – MediaTek
There is a possible out of bounds read in Widevine component due to a missing bounds check. (Android Security Bulletin)
- CVE-2020-0376 – Crit 9.1 – MediaTek
There is a possible out of bounds read in ISP component due to a missing bounds check. (Android Security Bulletin)