Vulnerability Database

296,202

Total vulnerabilities in the database

CVE-2018-9432

In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and bypassing the user's ability to disable access to contacts, with no additional execution privileges needed. User interaction is needed for exploitation.

  • Published: Nov 19, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2018-9432
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

No CWE or OWASP classifications available.

Software From Fixed in
google / android 7.1.2 7.1.2.x
google / android 6.0.1 6.0.1.x
google / android 6.0 6.0.x
google / android 7.0 7.0.x
google / android 8.0 8.0.x
google / android 7.1.1 7.1.1.x
google / android 8.1 8.1.x