CVE-2018-9424

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 19, 2024

Updated: Nov 22, 2024

CWE ID 787

Summary

CVE-2018-9424 is a vulnerability affecting the CryptoPlugin component in CryptoPlugin.cpp. The issue involves a missing bounds check in the CryptoPlugin::decrypt function, potentially allowing for an out-of-bounds write. This vulnerability could result in local privilege escalation without requiring additional execution privileges, and user interaction is not necessary for exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/WILAxX
https://www.cve.org/CVERecord?id=CVE-2018-9424
https://nvd.nist.gov/vuln/detail/CVE-2018-9424

Back to Vulnerability Database