Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-9432

Опубликовано: 19 нояб. 2024
Источник: nvd
CVSS3: 7.8
CVSS3: 7.8
EPSS Низкий

Описание

In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and bypassing the user's ability to disable access to contacts, with no additional execution privileges needed. User interaction is needed for exploitation.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*

EPSS

Процентиль: 0%
0.00007
Низкий

7.8 High

CVSS3

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo
CWE-276

Связанные уязвимости

github логотип

GHSA-6x32-2mjm-x4r9

CVSS3: 7.8
github
около 1 года назад

In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and bypassing the user's ability to disable access to contacts, with no additional execution privileges needed. User interaction is needed for exploitation.

EPSS

Процентиль: 0%
0.00007
Низкий

7.8 High

CVSS3

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo
CWE-276