CVE-2018-9339

Summary

CVE-2018-9339 is a vulnerability affecting Parcel.java's writeTypedArrayList and readTypedArrayList functions. This issue involves type confusion, allowing an attacker to escalate privileges locally without requiring additional execution privileges. User interaction is not necessary for exploitation. In writeTypedArrayList and readTypedArrayList, there is a potential misalignment between the data types being written and read, leading to the privilege escalation. This vulnerability poses a significant risk and should be addressed promptly to prevent unauthorized access or system compromise.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.