YoVDO

Exploiting QSEE, The Raelize Way

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Device Security Courses Software Vulnerabilities Courses Hardware Vulnerabilities Courses Arbitrary Code Execution Courses

Course Description

Overview

Explore the vulnerabilities and exploitation techniques of Qualcomm's Trusted Execution Environment (QSEE) in this comprehensive conference talk from HITB2021AMS. Delve into the technical details of software vulnerabilities discovered in QSEE on Qualcomm IPQ40xx-based networking devices, and learn how these were exploited to achieve arbitrary code execution. Examine the innovative approach of using Electromagnetic Fault Injection (EMFI) attacks to compromise the TEE without relying on software vulnerabilities. Gain insights into the system-level perspective on security, understanding how both software architecture and hardware resilience contribute to overall device security. Analyze the impact of these vulnerabilities on affected devices and discuss the challenges in addressing hardware-based security issues. Benefit from the expertise of seasoned security researchers Cristofaro Mune and Niek Timmers as they share their findings on TEE exploitation, fault injection techniques, and the broader implications for embedded device security.

Syllabus

#HITB2021AMS D1T2 - Exploiting QSEE, The Raelize Way - Cristofaro Mune and Niek Timmers


Taught by

Hack In The Box Security Conference

Related Courses

Mobile Devices in Everyday Life
Tallinn University via EMMA
Windows Support Essentials: Maintenance
Microsoft via edX
Advanced IOT Applications
Indian Institute of Science Bangalore via Swayam
Computer Fundamentals: Security
Pluralsight
Integrating AWS IoT Core in Your Application
Pluralsight