14 Nov 2018
CVE-2018-9525 - CVE Vulnerability
In the AndroidManifest.xml file defining the SliceBroadcastReceiver handler for com.android.settings.slice.action.WIFI_CHANGED, there is a possible permissions bypass due to a confused deputy. This could lead to local escalation of privilege, allowing a local attacker to change device settings, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-111330641 (CVSS:0.0) (Last Update:2018-11-14)
Vulnerability Details : In the AndroidManifest.xml file defining the SliceBroadcastReceiver handler for com.android.settings.slice.action.WIFI_CHANGED, there is a possible permissions bypass due to a confused deputy. This could lead to local escalation of privilege, allowing a local attacker to change device settings, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-111330641 Publish Date : 2018-11-14 Last Update Date : 2018-11-14 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2018-9525
- References For CVE-2018-9525
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2018-9525There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |