Vulnerability

A recently published Nightwatch Cybersecurity analysis comes with an alert. All Android versions are affected by this vulnerability, including forks, except for Android Pie. Google fixed the issue at hand with Android 9 but plans no fixes for earlier versions of the OS. CVE-2018-9489 is the tracking code for the issue described.

Apparently, applications can circumvent permission checks and existing mitigations by listening to system broadcasts. These system broadcasts by Android OS, says the report, “expose information about the user’s device to all applications running on the device. This includes the WiFi network name, BSSID, local IP addresses, DNS server information and the MAC address“. A rogue app gaining access to this information can use it to “identify and track any Android device”, and even geolocate it. Accessing other network information could also allow malicious apps to “explore and attack the local WiFi network”.

As mentioned, Google is aware of the problem, and has issued a fix. This fix will only be available, sadly, to those running the latest version of Android: Pie. Google “does not plan to fix older versions”, says Nightwatch Cybersecurity.




Anton is the Editor-in-Chief of Pocketnow. As publication leader, he aims to bring Pocketnow even closer to you. His vision is mainly focused on, and oriented towards, the audience. Anton’s ambition, adopted by the entire team, is to transform Pocketnow into a reference media outlet.

Contact: [email protected]

You May Also Like
Google Pixel 6 Series Pocketnow
Google Pixel 6 will only get three years of Android updates, not five
Google is keeping the same promise of three major Android updates for the Pixel 6.
OPPO foldable smartphone
OPPO could debut its foldable as soon as next month
It could be introduced alongside Reno 7 next month.
Android 12 pocketnow
Android 12 is now available on Google Pixel phones
Go to Settings and hit “Check for Updates” right now!