Vulnerability

A recently published Nightwatch Cybersecurity analysis comes with an alert. All Android versions are affected by this vulnerability, including forks, except for Android Pie. Google fixed the issue at hand with Android 9 but plans no fixes for earlier versions of the OS. CVE-2018-9489 is the tracking code for the issue described.

Apparently, applications can circumvent permission checks and existing mitigations by listening to system broadcasts. These system broadcasts by Android OS, says the report, “expose information about the user’s device to all applications running on the device. This includes the WiFi network name, BSSID, local IP addresses, DNS server information and the MAC address“. A rogue app gaining access to this information can use it to “identify and track any Android device”, and even geolocate it. Accessing other network information could also allow malicious apps to “explore and attack the local WiFi network”.

As mentioned, Google is aware of the problem, and has issued a fix. This fix will only be available, sadly, to those running the latest version of Android: Pie. Google “does not plan to fix older versions”, says Nightwatch Cybersecurity.

You May Also Like
HUAWEI P40 Pro+ vs Samsung Galaxy S20 Ultra
Samsung Galaxy S20 series, Apple’s Mac mini and more devices are on sale today
Today’s deals come from Amazon, B&H and Best Buy, where we find the Samsung Galaxy S20 series with $200 discounts and more
Samsung Galaxy S20 Fan Edition aka S20 Lite will arrive in October
The Galaxy Note 20 will arrive in August, the Galaxy Fold 2 will hit the shelves in September, followed by the Galaxy S20 Lite in October
OnePlus Nord
OnePlus’ upcoming budget phone will officially debut as OnePlus Nord
And it will cost less than $500!