CVE-2018-9581

Name of the Vulnerable Software and Affected Versions: Android version Android-10

Description: The issue concerns local information disclosure in Android's WiFi functionality. Specifically, the RSSI value and SSID information are broadcast as part of android.net.wifi.RSSI CHANGE and android.net.wifi.STATE CHANGE intents. This could lead to local information disclosure without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations: For Android version Android-10, consider restricting access to WiFi intent broadcasts to minimize the risk of information disclosure until a patch is available. As a temporary workaround, limiting the use of android.net.wifi.RSSI CHANGE and android.net.wifi.STATE CHANGE intents can help mitigate the issue.