CVE-2018-9489 in Androidinfo

Summary

When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. This could lead to information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-77286245.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

04/05/2018

Disclosure

11/06/2018

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
126518	Google Android WiFi WifiStateMachine.java sendNetworkStateChangeBroadcast information disclosure	200	Not defined	Not defined	CVE-2018-9489

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!