Vulnerability Details CVE-2018-9418
In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.5%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2018-9418
-
cpe:2.3:o:google:android:7.0
-
cpe:2.3:o:google:android:7.1.1
-
cpe:2.3:o:google:android:7.1.2
-
cpe:2.3:o:google:android:8.0
-
cpe:2.3:o:google:android:8.1