CVE-2016-10408

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published Nov 26, 2024
CWE ID 284

Summary

CVE-2016-10408 is a vulnerability affecting QSEE (Qualcomm Secure Execution Environment). This issue arises from random fatal errors occurring during QSEE execution due to speculative instruction fetches from device memory. It is important to note that device memory is not intended to be executable; thus, these unintended fetches lead to unexpected behavior and potential security risks. By exploiting this vulnerability, an attacker could gain unauthorized access to sensitive information or take control of the affected system.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share