CVE-2016-10430
Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, when executing a TA which has been granted privileges to the CPVC MINK class it is possible for the TA to access methods exposed by the CPVC interface.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A TA with CPVC MINK class privileges can access CPVC interface methods on affected Qualcomm SoCs.
Vulnerability
In Android before the 2018-04-05 security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, a trusted application (TA) that has been granted privileges to the CPVC MINK class can access methods exposed by the CPVC interface [1]. This is due to insufficient access control on the CPVC interface.
Exploitation
An attacker would need to have a TA that already holds privileges to the CPVC MINK class, potentially through prior compromise or legitimate grant. The TA can then call CPVC interface methods without further authentication [1].
Impact
Successful exploitation allows the TA to invoke CPVC interface methods, which may lead to information disclosure, privilege escalation, or other unauthorized actions depending on the methods exposed [1].
Mitigation
A fix was included in the Android security patch level of 2018-04-05 or later [1]. Users should update their devices to the latest security patch level. No workaround is provided in the reference.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Qualcomm, Inc./Snapdragon Automobile, Snapdragon Mobilev5Range: SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/103671mitrevdb-entryx_refsource_BID
- source.android.com/security/bulletin/2018-04-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.