Published: 14/04/2020 Updated: 21/07/2021

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6 | Impact Score: 4 | Exploitability Score: 1.5

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

An issue exists on OnePlus 7 Pro devices prior to 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user (root) in the Rich Execution Environment (REE) to obtain bitmap images from the fingerprint sensor because of Leftover Debug Code. The issue is that the Trusted Application (TA) supports an extended number of commands beyond what is needed to implement a fingerprint authentication system compatible with Android. An attacker who is in the position to send commands to the TA (for example, the root user) is able to send a sequence of these commands that will result in the TA sending a raw fingerprint image to the REE. This means that the Trusted Execution Environment (TEE) no longer protects identifiable fingerprint data from the REE.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oneplus oneplus_7_pro_firmware

Whether you are here to stay, or passing through on your way to parts unknown, welcome to my GitHub profile It's more of a stub really Since the MS acquisition of GitHub all my personal projects have been hosted at GitLab Although I do various software security things for work, I particularly enjoy reverse engineering and breaking embedded systems 🖋 I occasionally

NVD-CWE-noinfo https://www.synopsys.com/blogs/software-security/cve-2020-7958/https://nvd.nist.gov https://github.com/pandasauce/pandasauce

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-7958

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect