{"guid":"f8587f46-8a0e-58d7-8d1d-82928b8220e2","title":"Not To Be Trusted - A Fiasco in Android TEEs","subtitle":null,"slug":"39c3-not-to-be-trusted-a-fiasco-in-android-tees","link":"https://events.ccc.de/congress/2025/hub/event/detail/not-to-be-trusted-a-fiasco-in-android-tees","description":"Trusted Execution Environments (TEEs) based on ARM TrustZone form the backbone \nof modern Android devices' security architecture. The word \"Trusted\" in \nthis context means that **you**, as in \"the owner of the device\", don't \nget to execute code in this execution environment. Even when you unlock \nthe bootloader and Magisk-root your device, only vendor-signed code will\n be accepted by the TEE. This unfortunate setup limits third-party \nsecurity research to the observation of input/output behavior and static\n manual reverse engineering of TEE components.\n\nIn this talk, we take you with us on our journey to regain power over \nthe highest privilege level on Xiaomi devices. Specifically, we are \ntargeting the Xiaomi Redmi 11s and will walk through the steps necessary\n to escalate our privileges from a rooted user space (N-EL0) to the \nhighest privilege level in the Secure World (S-EL3). We will revisit old\n friends like Trusted Application rollback attacks and GlobalPlatform's \ndesign flaw, and introduce novel findings like the literal fiasco you \ncan achieve when you're introducing micro kernels without knowing what \nyou're doing. In detail, we will elaborate on the precise exploitation \nsteps taken and mitigations overcome at each stage of our exploit chain,\n and finally demo our exploits on stage.\n\nRegaining full control over our devices is the first step to deeply \nunderstand popular TEE-protected use cases including, but not limited \nto, mobile payment, mobile DRM solutions, and the mechanisms protecting your biometric \nauthentication data.\n\nWe present novel insights into the current state of TEE security on \nAndroid focusing on two widespread issues: missing TA rollback \nprotection and a type confusion bug arising from the GlobalPlatform TEE \nInternal Core API specification.\nOur results demonstrate that these issues are so widespread that on most\ndevices, attackers with code execution at N-EL1 (kernel) have a buffet \nof n-days to choose from to achieve code execution at S-EL0 (TA).\n\nFurther, we demonstrate how these issues can be weaponized to fully \ncompromise an Android device. We discuss how we exploit CVE-2023-32835, a\ntype confusion bug in the keyinstall TA, on a fully updated Xiaomi \nRedmi Note 11.\nWhile the keyinstall TA shipped in the newest firmware version is not \nvulnerable anymore, the vulnerability remains triggerable due to missing\nrollback protections.\n\nTo further demonstrate how powerful code execution as a TA is, we'll \nexploit a vulnerability in the BeanPod TEE (used on Xiaomi Mediatek \nSoCs), to achieve code execution at S-EL3. Full privilege escalations in\nthe TEE are rarely seen on stage, and we are targeting the BeanPod TEE \nwhich is based on the Fiasco micro kernel. This target has never been \npublicly exploited, to the best of our knowledge.\n\nOur work empowers security researchers by demonstrating how to regain control over \nvendor-locked TEEs, enabling deeper analysis of critical security \nmechanisms like mobile payments, DRM, and biometric authentication.\n\nLicensed to the public under http://creativecommons.org/licenses/by/4.0","original_language":"eng","persons":["0ddc0de","gannimo","Philipp"],"tags":["2119","2025","39c3","Security","Fuse","39c3-eng","39c3-deu","39c3-pol","Day 1"],"view_count":11119,"promoted":false,"date":"2025-12-27T20:30:00.000+01:00","release_date":"2025-12-27T00:00:00.000+01:00","updated_at":"2026-04-10T12:45:06.085+02:00","length":2956,"duration":2956,"thumb_url":"https://static.media.ccc.de/media/congress/2025/2119-f8587f46-8a0e-58d7-8d1d-82928b8220e2.jpg","poster_url":"https://static.media.ccc.de/media/congress/2025/2119-f8587f46-8a0e-58d7-8d1d-82928b8220e2_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2025/2119-f8587f46-8a0e-58d7-8d1d-82928b8220e2.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2025/2119-f8587f46-8a0e-58d7-8d1d-82928b8220e2.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/39c3-not-to-be-trusted-a-fiasco-in-android-tees","url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_title":"39C3: Power Cycles","conference_url":"https://api.media.ccc.de/public/conferences/39c3","related":[],"recordings":[{"size":473,"length":2956,"mime_type":"video/webm;codecs=av01","language":"eng-deu-pol","filename":"39c3-2119-eng-deu-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_av1-hd.webm","state":"new","folder":"av1-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-12-28T00:13:27.444+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/av1-hd/39c3-2119-eng-deu-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_av1-hd.webm","url":"https://api.media.ccc.de/public/recordings/94037","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":null,"length":null,"mime_type":"text/vtt","language":"eng","filename":"2119-f8587f46-8a0e-58d7-8d1d-82928b8220e2-eng.vtt","state":"auto","folder":"","high_quality":true,"width":null,"height":null,"updated_at":"2025-12-28T18:16:21.549+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/2119-f8587f46-8a0e-58d7-8d1d-82928b8220e2-eng.vtt","url":"https://api.media.ccc.de/public/recordings/94335","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":567,"length":2956,"mime_type":"video/webm","language":"eng-deu-pol","filename":"39c3-2119-eng-deu-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-12-28T00:07:49.656+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/webm-hd/39c3-2119-eng-deu-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/94035","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":217,"length":2956,"mime_type":"video/webm","language":"eng-deu-pol","filename":"39c3-2119-eng-deu-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2025-12-27T23:52:06.783+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/webm-sd/39c3-2119-eng-deu-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/94023","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":45,"length":2956,"mime_type":"audio/mpeg","language":"eng","filename":"39c3-2119-eng-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2025-12-28T19:53:30.627+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/mp3/39c3-2119-eng-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/94011","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":45,"length":2956,"mime_type":"audio/mpeg","language":"deu","filename":"39c3-2119-deu-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_mp3-2.mp3","state":"new","folder":"mp3-translated","high_quality":false,"width":0,"height":0,"updated_at":"2025-12-27T23:32:44.968+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/mp3-translated/39c3-2119-deu-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_mp3-2.mp3","url":"https://api.media.ccc.de/public/recordings/94010","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":240,"length":2956,"mime_type":"video/mp4","language":"eng-deu-pol","filename":"39c3-2119-eng-deu-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2025-12-27T23:32:02.783+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/h264-sd/39c3-2119-eng-deu-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_sd.mp4","url":"https://api.media.ccc.de/public/recordings/94009","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":28,"length":2956,"mime_type":"audio/opus","language":"deu","filename":"39c3-2119-deu-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_opus-2.opus","state":"new","folder":"opus-translation","high_quality":false,"width":0,"height":0,"updated_at":"2025-12-27T23:28:49.988+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/opus-translation/39c3-2119-deu-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_opus-2.opus","url":"https://api.media.ccc.de/public/recordings/94007","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":28,"length":2956,"mime_type":"audio/opus","language":"eng","filename":"39c3-2119-eng-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2025-12-28T19:57:32.897+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/opus/39c3-2119-eng-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_opus.opus","url":"https://api.media.ccc.de/public/recordings/94005","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":956,"length":2956,"mime_type":"video/mp4","language":"eng-deu-pol","filename":"39c3-2119-eng-deu-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-12-27T23:28:00.828+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/h264-hd/39c3-2119-eng-deu-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs_hd.mp4","url":"https://api.media.ccc.de/public/recordings/94004","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":707,"length":2956,"mime_type":"video/mp4","language":"pol","filename":"39c3-2119-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-12-27T23:27:41.469+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/h264-hd/39c3-2119-pol-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs.mp4","url":"https://api.media.ccc.de/public/recordings/94003","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":707,"length":2956,"mime_type":"video/mp4","language":"deu","filename":"39c3-2119-deu-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-12-27T23:27:25.321+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/h264-hd/39c3-2119-deu-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs.mp4","url":"https://api.media.ccc.de/public/recordings/94002","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"},{"size":708,"length":2956,"mime_type":"video/mp4","language":"eng","filename":"39c3-2119-eng-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-12-27T23:27:07.040+01:00","recording_url":"https://cdn.media.ccc.de/congress/2025/h264-hd/39c3-2119-eng-Not_To_Be_Trusted_-_A_Fiasco_in_Android_TEEs.mp4","url":"https://api.media.ccc.de/public/recordings/94001","event_url":"https://api.media.ccc.de/public/events/f8587f46-8a0e-58d7-8d1d-82928b8220e2","conference_url":"https://api.media.ccc.de/public/conferences/39c3"}]}