CVE-2018-9412
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2018-9412 is a resource exhaustion vulnerability affecting the ID3.cpp module in certain software applications. The issue lies in the "removeUnsynchronization" function, which fails to adequately validate user input. An attacker can exploit this weakness by providing malicious input, leading to an excessive consumption of system resources. The consequence is a Denial of Service condition, where the application becomes unresponsive or crashes, requiring user interaction to trigger the exploit. No elevated privileges are required for successful exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Android