Unrated severityNVD Advisory· Published Nov 14, 2018· Updated Aug 5, 2024
CVE-2018-9525
CVE-2018-9525
Description
In the AndroidManifest.xml file defining the SliceBroadcastReceiver handler for com.android.settings.slice.action.WIFI_CHANGED, there is a possible permissions bypass due to a confused deputy. This could lead to local escalation of privilege, allowing a local attacker to change device settings, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-111330641
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: =9
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/105848mitrevdb-entryx_refsource_BID
- source.android.com/security/bulletin/2018-11-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.