4 matches found
CVE-2018-9581
In WiFi, the RSSI value and SSID information is broadcast as part of android.net.wifi.RSSICHANGE and android.net.wifi.STATECHANGE intents. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2018-9581
CVE-2018-9581 describes an information-disclosure flaw in Android where WiFi RSSI (and SSID) data are broadcast via intents (android.net.wifi.RSSI_CHANGE and android.net.wifi.STATE_CHANGE). This cross-process leakage can allow any on-device app to observe a user’s proximity/location context witho...
Android RSSI Broadcast Information Disclosure
Blog post here: https://wwws.nightwatchcybersecurity.com/2018/11/11/cve-2018-9581/ NOTE: This bug is part of a series of three related Android bugs with the same root cause: CVE-2018-9489, CVE-2018-9581 and CVE-2018-15835. A presentation covering all three bugs was given at BSides DE in the fall ...
CVE-2018-9581
creationtimestamp| type| source ---|---|--- 2018-11-12 18:41:05+00:00| seen| MISP/5be9c820-b558-4494-a96e-4a4d0a021402 2018-11-12 18:45:50+00:00| seen| MISP/5be9ca0e-c440-4436-9b1a-4a4d0a021402 2018-11-14 14:55:54+00:00| seen| https://t.me/SecLabNews/3629 2018-11-16 14:36:58+00:00| seen|...