CVE-2018-9468
CVSS 3.1 Score 7.7 of 10 (high)
Details
Published Nov 20, 2024
Updated: Nov 21, 2024
Summary
CVE-2018-9468 is a vulnerability affecting the DownloadManager.java component. The issue permits an attacker to read and write arbitrary files without requiring additional execution privileges. This vulnerability arises due to a permissions bypass in the query function. Local information disclosure and file rewriting are potential consequences, with user interaction being unnecessary for exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Android