Published CVEs and !CVEs
This section shows a list of our published CVEs and !CVEs along with their respective entries.
!CVE-2023-0001
Secure Boot Bypass in MSM8916/APQ8016 Mobile SoC
Publication date: April 2023
We discovered an improper check in Qualcomm’s Secure Boot implementation in chipsets MSM8916 and APQ8016 exploitable with voltage fault injection.
Snapdragon 410
CVE-2022-48336
Buffer Overflow in Widevine Trustlet (PRDiagParseAndStoreData @ 0x5cc8)
Publication date: March 2023
We discovered a buffer overflow in Widevine QSEE TrustZone application (Google Nexus 6) exploitable via PRDiagProvisionData command and PRDiagParseAndStoreData subcomand at address 0x5cc8.
Google Nexus 6
CVE-2022-48335
Buffer Overflow in Widevine Trustlet (PRDiagVerifyProvisioning @ 0x5f90)
Publication date: March 2023
We discovered a buffer overflow in Widevine QSEE TrustZone application (Google Nexus 6) exploitable via PRDiagMaintenance command and PRDiagVerifyProvisioning subcomand at address 0x5f90.
Google Nexus 6
CVE-2022-48334
Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x7370)
Publication date: March 2023
We discovered a buffer overflow in Widevine QSEE TrustZone application (Google Nexus 6) exploitable via drm_verify_keys command at address 0x7370.
Google Nexus 6
CVE-2022-48333
Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x730c)
Publication date: March 2023
We discovered a buffer overflow in Widevine QSEE TrustZone application (Google Nexus 6) exploitable via drm_verify_keys command at address 0x730c.
Google Nexus 6
CVE-2022-48332
Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x6a18)
Publication date: March 2023
We discovered a buffer overflow in Widevine QSEE TrustZone application (Google Nexus 6) exploitable via drm_save_keys command at address 0x6a18.
Google Nexus 6
CVE-2022-48331
Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x69b0)
Publication date: March 2023
We discovered a buffer overflow in Widevine QSEE TrustZone application (Google Nexus 6) exploitable via drm_save_keys command at address 0x69b0.
Google Nexus 6
CVE-2015-6647
Buffer Overflow in Widevine Trustlet (PRDiagClearProvisioning @ 0x583c)
Publication date: March 2023
While performing vulnerability testing on the Widevine QSEE TrustZone application (Google Nexus 6), we identified a previously known buffer overflow via PRDiagMaintenance command and PRDiagClearProvisioning subcomand at address 0x583c.
Google Nexus 6
CVE-2015-6639
Buffer Overflow in Widevine Trustlet (PRDiagParseAndStoreData @ 0x5c9c)
Publication date: March 2023
While performing vulnerability testing on the Widevine QSEE TrustZone application (Google Nexus 6), we identified a previously known buffer overflow via PRDiagProvisionData command and PRDiagParseAndStoreData subcomand at address 0x5c9c.
Google Nexus 6