CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-4325

The cmd_boot function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to bypass intended device-lock and kernel-signature restrictions by using fastboot mode in a boot command for an arbitrary kernel image.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.0%

CVSS Severity

CVSS v2 Score 7.2

References

https://www.codeaurora.org/projects/security-advisories/fastboot-boot-command-bypasses-signature-verification-cve-2014-4325
https://www.codeaurora.org/projects/security-advisories/fastboot-boot-command-bypasses-signature-verification-cve-2014-4325

Products affected by CVE-2014-4325

Little Kernel Project » Little Kernel Bootloader » Version: N/A

cpe:2.3:a:little_kernel_project:little_kernel_bootloader:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-4325

Products

Pricing

Contact Us