Vulnerabilities > CVE-2016-11028 - Out-of-bounds Write vulnerability in Google Android

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
google
samsung
CWE-787

Summary

An issue was discovered on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets). There is a stack-based buffer overflow in the OTP TrustZone trustlet. The Samsung IDs are SVE-2016-7173 and SVE-2016-7174 (December 2016).

Vulnerable Configurations

Part Description Count
OS
Google
1
Hardware
Samsung
1

Common Weakness Enumeration (CWE)