← Zuruck zu CVEs
CVE-2018-9381
HIGH7.5
Beschreibung
In gatts_process_read_by_type_req of gatt_sr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE Details
CVSS v3.1 Bewertung7.5
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht12/2/2024
Zuletzt geandert12/18/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
google:android
Schwachen (CWE)
CWE-908CWE-908
Referenzen
https://source.android.com/docs/security/bulletin/pixel/2018-06-01(security@android.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.