Quarkslab’s security experts have released comprehensive information on a serious flaw they found in Google’s Titan M chip earlier this year. Titan M is a system-on-a-chip (SoC) that was unveiled in 2018 and is intended to provide enhanced security defenses for Pixel devices, including ensuring a secure boot.
The newly disclosed vulnerability, identified as CVE-2022-20233, was patched as part of Android’s June 2022 security updates. At the time, Google called it a critical escalation of privilege bug. Researchers from Quarkslab, who found the problem and informed Google of it, claim that it is possible to exploit the security hole to execute code on the Titan M chip.
Due to an incorrect bounds check, there is a vulnerability that causes out-of-bounds writes. There is no need for user interaction when using the bug’s local escalation of privilege functionality.
For more such updates follow us on Google News ITsecuritywire News