An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.

Threat-Mapped Scoring

Score: 2.3

Priority: P3 - Important (Medium)

• S6 – Espionage of Financial Trades

EPSS

Score: 0.00019
Percentile: 0.03432

CVSS Scoring

Mapped CWE(s)

• CWE-1295 : Debug Messages Revealing Unnecessary Information

All CAPEC(s)

CAPEC(s) with Mapped TTPs

Mapped ATT&CK TTPs

Affected Products

• cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
• cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

← Back to Home