Instruments for monitoring oil tanks manufactured by the German company Tecson revealed a dangerous vulnerability…
In March 2019 Keegan Ryan, safety researcher from NCC Group, decided to test realization of ECDSA signature in certain version of Qualcomm Secure Execution Environment (QSEE) and finally discovered a series of dangerous vulnerabilities that are united under single identifier CVE-2018-11976.
With the use of Cachgrab tool he managed to perform simultaneously several attacks on memory cash, extract cryptographic data and fully restore 256-bit closed encryption key from Qualcomm hardware keys’ storage.
“We found two locations in the multiplication algorithm which leak information about the nonce. Both of these locations contain countermeasures against side-channel attacks, but due to the spatial and temporal resolution of our microarchitectural attacks, it is possible to overcome these countermeasures and distinguish a few bits of the nonce. These few bits are enough to recover 256-bit ECDSA keys,” – Ryan said.
Researcher repeated his results in experiment on Nexus 5X that was powered by Android, but in Qualcomm confirmed that vulnerability involves more than 30 other different processors (full list can be found here). Concluding, issue touches a broad spectrum of smartphones and tablets and almost every Android-powered device has a chance to encounter vulnerability.
Researchers reported Qualcomm about vulnerability in March 2018, since that time company presented firmware updates for all affected processors and notified digital devices producers. Google improved vulnerability in its devices this month after release of April Android updates.
Good news is that for application of CVE-2018-11976 attacker should get rights of superuser on the device. Bad news is this can be done with already existing and quite spread malware that can be found even on Google Play Market.
Source: https://www.zdnet.com/
Kabatibly.co.in is a domain that tries to force you into clik to its browser notifications…
Reditarcet.co.in is a site that tries to force you into subscribing to its browser notifications…
Everestpeak.top is a domain that tries to trick you into subscribing to its browser notifications…
Firm-jawed.yachts is a domain that tries to trick you into subscribing to its browser notifications…
Anapurnatop.top is a domain that tries to trick you into subscribing to its browser notifications…
Boomira.com is a domain that tries to force you into clik to its browser notifications…