Memory corruption attacks within Android TEEs: A case study based on OP-TEE

Fleischer F, Busch M, Kuhrt P (2020)

Publication Type: Conference contribution

Publication year: 2020

Publisher: Association for Computing Machinery

Conference Proceedings Title: ACM International Conference Proceeding Series

Event location: Online

ISBN: 9781450388337

DOI: 10.1145/3407023.3407072


Many security-critical services on mobile devices rely on Trusted Execution Environments (TEEs). However, due to the proprietary and locked-down nature of TEEs, the available information about these systems is scarce. In recent years, we have witnessed several exploits targeting all major commercially used TEEs, which raises questions about the capabilities of TEEs to provide the expected integrity and confidentiality guarantees. In this paper, we evaluate the exploitability of TEEs by analyzing common flaws from the perspective of an adversary. We provide multiple vulnerable TEE applications for OP-TEE, a reference implementation for TEEs, and elaborate on the steps necessary for their exploitation on an Android system. Our vulnerable examples are inspired by real-world exploits seen in-the-wild on commercially used TEEs. With this work, we provide developers and researchers with introductory knowledge to realistically assess the capabilities of TEEs. For these purposes, we also make our examples publicly available.

Authors with CRIS profile

How to cite


Fleischer, F., Busch, M., & Kuhrt, P. (2020). Memory corruption attacks within Android TEEs: A case study based on OP-TEE. In ACM International Conference Proceeding Series. Online: Association for Computing Machinery.


Fleischer, Fabian, Marcel Busch, and Phillip Kuhrt. "Memory corruption attacks within Android TEEs: A case study based on OP-TEE." Proceedings of the 15th International Conference on Availability, Reliability and Security, ARES 2020, Online Association for Computing Machinery, 2020.

BibTeX: Download