Vulnerability

A recently published Nightwatch Cybersecurity analysis comes with an alert. All Android versions are affected by this vulnerability, including forks, except for Android Pie. Google fixed the issue at hand with Android 9 but plans no fixes for earlier versions of the OS. CVE-2018-9489 is the tracking code for the issue described.

Apparently, applications can circumvent permission checks and existing mitigations by listening to system broadcasts. These system broadcasts by Android OS, says the report, “expose information about the user’s device to all applications running on the device. This includes the WiFi network name, BSSID, local IP addresses, DNS server information and the MAC address“. A rogue app gaining access to this information can use it to “identify and track any Android device”, and even geolocate it. Accessing other network information could also allow malicious apps to “explore and attack the local WiFi network”.

As mentioned, Google is aware of the problem, and has issued a fix. This fix will only be available, sadly, to those running the latest version of Android: Pie. Google “does not plan to fix older versions”, says Nightwatch Cybersecurity.

You May Also Like
Motorola Nio
Motorola is prepping a high-end phone with Snapdragon 865 codenamed ‘Nio’
Motorola ‘Nio’ will reportedly pack a 90Hz display, triple rear camera setup with a 64MP main snapper, and Android 11 on the software side.
Apple’s 16-inch MacBook Pro, and more early Black Friday deals are available today
Today’s deals come from B&H, Amazon and more, where we find the late 2019 16-inch MacBook Pro, smart TVs and more devices on sale