WiFi VPN Connection Vulnerability: Local Denial of Service of Security Updates on Android Devices
CVE-2018-9438 · MEDIUM Severity
AV:L/AC:M/AU:N/C:N/I:N/A:C
When a device connects only over WiFi VPN, the device may not receive security updates due to some incorrect checks. This could lead to a local denial of service of security updates with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1 Android ID: A-78644887.
Learn more about our Cis Benchmark Audit For Google Android.