PT-2018-3079 · Google · Android
Publicado
2018-08-06
·
Atualizado
2018-12-12
·
CVE-2018-9445
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions 6.0 through 8.1
Description
The issue is related to a possible path traversal bug in the
readMetadata function of Utils.cpp. This bug could lead to local escalation of privilege when mounting a USB device, with no additional execution privileges needed. User interaction is not required for exploitation.Recommendations
For Android versions 6.0 through 8.1, update to a version that contains a fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Path traversal
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android