CVE-2016-8418
CRITICALAndroid < 6.0.1 - Remote Code Execution in Qualcomm Crypto Driver
Title source: manualDescription
A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Product: Android. Versions: N/A. Android ID: A-32652894. References: QC-CR#1077457.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1037798
Third Party Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/96058
Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2017-02-01.html
Scores
CVSS v3
9.8
EPSS
0.0356
EPSS Percentile
87.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-284
Status
published
Products (2)
google/android
< 6.0.1
Google Inc./Android
Published
Feb 08, 2017
Tracked Since
Feb 18, 2026