CVE-2018-9435

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Published Dec 2, 2024

Updated: Dec 3, 2024

CWE ID 125

Summary

CVE-2018-9435 is a vulnerability affecting the BlueZ Bluetooth software. In the function gatt_process_error_rsp within gatt_cl.cc, there is a missing bounds check that may result in an out-of-bound read. This issue can lead to local information disclosure without requiring any additional execution privileges. Notably, user interaction is not necessary for an attacker to exploit this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/WITaof
https://www.cve.org/CVERecord?id=CVE-2018-9435
https://nvd.nist.gov/vuln/detail/CVE-2018-9435

Back to Vulnerability Database

CVE-2018-9435

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations