CVE-2018-9489 Allows Permission Checks Bypass, Only Fixed in Android P
THREAT REMOVAL

CVE-2018-9489 Allows Permission Checks Bypass, Only Fixed in Android P

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

CVE-2018-9489 is the identifier of a brand new security flaw affecting Android. The vulnerability allows malicious apps to bypass permission checks and is also easily obtaining access to read more information. This could enable malware to track device location, among other things.




CVE-2018-9489: Technical Overview

The flaw was discovered by Nightwatch Cybersecurity, who wrote that “all versions of Android running on all devices are believed to be affected including forks (such as Amazon’s FireOS for the Kindle)”. Apparently, Google has fixed the flaw in Android P / 9 but doesn’t plan to fix older versions. So, the only mitigation for now is for users to upgrade to Android P / 9 or later.

According to the researchers, further research is definitely needed to determine whether the flaw is actively exploited in the wild. It should also be noted that malicious apps can listen to system broadcasts to bypass permission checks and get access to specific device details, and this is indeed how CVE-2018-9489 can be exploited.

The vulnerability was first reported to Google in March, with Google developing a fix only for its most recent Android version.

As mentioned in the research quote above, the flaw can read a range of details such as Wi-Fi network name, local IP address, DNS server information, as well as MAC address, with the following specification:

Because MAC addresses do not change and are tied to hardware, this can be used to uniquely identify and track any Android device even when MAC address randomization is used. The network name and/or BSSID can be used to geolocate users via a lookup against a database like WiGLE or SkyHook. Other networking information can be used by rogue apps to further explore and attack the local WiFi network.

Related Story: PII, Android and iOS: Most Invasive App Permissions in 2018

How to protect your Android device from CVE-2018-9489-based exploits

The classical way to protect a device is to update to the latest version of the software, in this case Android Pie. However, this is not as easy as it seems. It should be taken into consideration that most Android OEMs are just beginning to outline their plans for the release of Android Pie to their devices.

This means that months will pass before the actual rollout of Android’s latest. For further technical details about the vulnerability, refer to the report.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...