CVE-2018-9474

Summary

CVE-2018-9474 is a vulnerability affecting the MediaPlayer component in certain Android devices. It lies in the writeToParcel function of MediaPlayer.java where input validation is lacking, leading to a potential serialization/deserialization mismatch. This issue can result in local privilege escalation, granting an attacker heightened access without requiring any additional execution privileges or user interaction.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.