CVE-2019-9465

MEDIUM

Android < 10.0 - Local Information Disclosure in Titan M Cryptographic Operations

Title source: llm

Description

In the Titan M handling of cryptographic operations, there is a possible information disclosure due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-133258003

Exploits (2)

nomisec WORKING POC 9 stars

by alexbakker · poc

https://github.com/alexbakker/CVE-2019-9465

View Code ZIP pw:eip

nomisec WORKING POC

by MichaelsPlayground · poc

https://github.com/MichaelsPlayground/CVE-2019-9465

View Code ZIP pw:eip

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://source.android.com/security/bulletin/pixel/2019-12-01

Scores

CVSS v3 5.5

EPSS 0.0003

EPSS Percentile 9.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

Status published

Products (1)

google/android < 10.0

Published Jan 07, 2020

Tracked Since Feb 18, 2026