Skip to content

T1405 Exploit TEE Vulnerability

A malicious app or other attack vector could be used to exploit vulnerabilities in code running within the Trusted Execution Environment (TEE) 1. The adversary could then obtain privileges held by the TEE potentially including the ability to access cryptographic keys or other sensitive data 2. Escalated operating system privileges may be first required in order to have the ability to attack the TEE 3. If not, privileges within the TEE can potentially be used to exploit the operating system 4.

Item Value
ID T1405
Tactics TA0031, TA0029
Platforms Android
Version 1.0
Created 25 October 2017
Last Modified 17 October 2018


ID Mitigation Description
M1005 Application Vetting -
M1001 Security Updates -
M1006 Use Recent OS Version -


Back to top