CVE-2018-9391

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Dec 5, 2024
Updated: Dec 19, 2024
CWE ID 787

Summary

CVE-2018-9391 is a vulnerability affecting the Mediatek GPS driver's update_gps_sv and output_vzw_debug functions in the gpshal_wor.c file. The issue stems from a missing bounds check, which creates an opportunity for a possible out-of-bounds write. Successful exploitation of this vulnerability could result in local privilege escalation, granting attackers System execution privileges without requiring user interaction.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share