Aleph Research: Attacking Nexus 9 with Malicious Headphones (CVE-2017-0510)

Posted by Roee Hay on Mar 14

Title:
Attacking Nexus 9 with Malicious Headphones

Identifier:
CVE-2017-0510

Severity:
Critical

Product:
Google Nexus 9

Vulnerable Version:
Android 7.1.1 N4F26Q and below

Mitigation:
Upgrade to build N4F26T (March 2017 Security patches).

Technical Details:
Nexus 9 (running build N4F26Q and below) allows unauthorized access to the FIQ debugger via its headphones jack, which
has the following impact:
1. It enables sensitive information…

Leave a Reply