CVE-2019-9465
MEDIUMAndroid < 10.0 - Local Information Disclosure in Titan M Cryptographic Operations
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2019-9465. PoCs published by alexbakker, MichaelsPlayground.
AI-analyzed exploit summary This is a demo Android application demonstrating CVE-2019-9465, which involves a vulnerability in the Android Keystore system related to biometric authentication bypass. The PoC shows how encryption/decryption operations can be manipulated under specific conditions.
Description
In the Titan M handling of cryptographic operations, there is a possible information disclosure due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-133258003
Exploits (2)
This is a demo Android application demonstrating CVE-2019-9465, which involves a vulnerability in the Android Keystore system related to biometric authentication bypass. The PoC shows how encryption/decryption operations can be manipulated under specific conditions.
This is a demo Android application demonstrating CVE-2019-9465, which involves a vulnerability in the Android Keystore system related to biometric authentication bypass. The PoC shows how encryption/decryption operations can be manipulated under specific conditions.
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N