header-logo
Suggest Exploit
vendor:
QSEE
by:
laginimaineb
7,8
CVSS
HIGH
Privilege Escalation
264
CWE
Product Name: QSEE
Affected Version From: Qualcomm Secure Execution Environment (QSEE)
Affected Version To: Qualcomm Secure Execution Environment (QSEE)
Patch Exists: YES
Related CWE: CVE-2015-6639
CPE: o:qualcomm:qsee
Metasploit: https://www.rapid7.com/db/vulnerabilities/google-android-cve-2015-6639/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Android
2016

Qualcomm’s Secure Execution Environment (QSEE) Privilege Escalation Exploit using PRDiag* commands (CVE-2015-6639)

This vulnerability allows an attacker to gain root privileges on a device running Qualcomm's Secure Execution Environment (QSEE). This is achieved by using the PRDiag* commands, which are accessible to any application running in the QSEE environment.

Mitigation:

Qualcomm has released a patch for this vulnerability.
Source

Exploit-DB raw data:

Sources:
https://bits-please.blogspot.ca/2016/05/qsee-privilege-escalation-vulnerability.html
https://github.com/laginimaineb/cve-2015-6639

Qualcomm's Secure Execution Environment  (QSEE) Privilege Escalation Exploit using PRDiag* commands (CVE-2015-6639)


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39757.zip

Navigation

Suggest Exploit

Services By CQR