Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Local access only (AV:L), non-default hardware config required (AC:H), low-privilege attacker needed (PR:L); only partial confidentiality impact with no integrity or availability effect.
Primary rating from Vendor (GitHub_M).
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
3DescriptionNVD
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses non-constant-time memcmp() for label hash verification and has multiple distinguishable error paths. This creates a Manger-style padding oracle that allows an attacker to recover RSA-OAEP plaintext with approximately 1000-2000 adaptive chosen ciphertext queries. Only affects plat-d06 with CFG_HISILICON_ACC_V3=y, which seems to be disabled by default. Version 4.11.0 contains a patch. As a workaround, disable Hisilicon HPRE RSA driver with CFG_HISILICON_ACC_V3=n.
AnalysisAI
RSA-OAEP decryption in OP-TEE OS versions 4.5.0 through 4.10.x exposes a Manger-style padding oracle via the Hisilicon HPRE hardware crypto driver, enabling a local attacker to recover RSA-OAEP plaintext through approximately 1000-2000 adaptive chosen ciphertext queries. The root cause is a non-constant-time memcmp() used for label hash verification combined with distinguishable error paths - classic CWE-208 timing side-channel conditions. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires all of the following simultaneously: (1) local system access with at least low-privilege credentials (PR:L per CVSS); (2) the target machine must be Hisilicon D06 hardware running the plat-d06 OP-TEE build; (3) OP-TEE must have been compiled with the non-default flag `CFG_HISILICON_ACC_V3=y` - this enables the vulnerable Hisilicon HPRE RSA driver and is stated to be off by default; and (4) the attacker must be able to submit ~1000-2000 chosen RSA-OAEP ciphertexts and reliably distinguish between different error responses from the decryption oracle. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 2.5 score (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) accurately reflects the constrained real-world risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A local attacker with low-privilege access on a Hisilicon D06 server running OP-TEE built with `CFG_HISILICON_ACC_V3=y` submits a series of approximately 1000-2000 adaptively crafted RSA-OAEP ciphertexts to the HPRE driver and observes which distinguishable error response is returned for each - specifically whether the label hash verification or padding check fails. By applying Manger's adaptive chosen ciphertext algorithm to the sequence of error signals, the attacker iteratively narrows the plaintext interval and ultimately recovers the full RSA-OAEP plaintext. … |
| Remediation | Upgrade to OP-TEE OS version 4.11.0, which contains a patch for this vulnerability as confirmed by GitHub Security Advisory GHSA-qw4r-9wj9-q23r (https://github.com/OP-TEE/optee_os/security/advisories/GHSA-qw4r-9wj9-q23r). … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Subkey rollback protection in OP-TEE OS versions 3.20.0 through 4.10.x is completely non-functional due to a missing fie
Heap overflow in OP-TEE's ARM Crypto Extensions SHA-3 implementation corrupts TEE kernel memory across all platforms bui
Integer overflow in OP-TEE OS's AES-GCM implementation silently corrupts authentication tag computation when a single op
Heap exhaustion in OP-TEE OS (versions 3.3.0 through 4.10.x) allows a low-privileged normal-world local caller to progre
Stack exhaustion via unbounded recursion in the OP-TEE PKCS#11 Trusted Application allows a local low-privileged user to
RSA PKCS#1 v1.5 decryption in OP-TEE's Hisilicon HPRE hardware accelerator driver exposes a Bleichenbacher-style padding
RSA-OAEP decryption in OP-TEE OS versions 3.9.0 through 4.10.x exposes a Manger-style padding oracle via the NXP CAAM ha
Same weakness CWE-208 – Observable Timing Discrepancy
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41917