Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Exploiting QSEE, The Raelize Way

Hack In The Box Security Conference via YouTube

Overview

Explore the vulnerabilities and exploitation techniques of Qualcomm's Trusted Execution Environment (QSEE) in this comprehensive conference talk from HITB2021AMS. Delve into the technical details of software vulnerabilities discovered in QSEE on Qualcomm IPQ40xx-based networking devices, and learn how these were exploited to achieve arbitrary code execution. Examine the innovative approach of using Electromagnetic Fault Injection (EMFI) attacks to compromise the TEE without relying on software vulnerabilities. Gain insights into the system-level perspective on security, understanding how both software architecture and hardware resilience contribute to overall device security. Analyze the impact of these vulnerabilities on affected devices and discuss the challenges in addressing hardware-based security issues. Benefit from the expertise of seasoned security researchers Cristofaro Mune and Niek Timmers as they share their findings on TEE exploitation, fault injection techniques, and the broader implications for embedded device security.

Syllabus

#HITB2021AMS D1T2 - Exploiting QSEE, The Raelize Way - Cristofaro Mune and Niek Timmers

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Exploiting QSEE, The Raelize Way

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.