WiFi VPN Connection Vulnerability: Local Denial of Service of Security Updates on Android Devices

WiFi VPN Connection Vulnerability: Local Denial of Service of Security Updates on Android Devices

CVE-2018-9438 · MEDIUM Severity

AV:L/AC:M/AU:N/C:N/I:N/A:C

When a device connects only over WiFi VPN, the device may not receive security updates due to some incorrect checks. This could lead to a local denial of service of security updates with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1 Android ID: A-78644887.

Learn more about our Cis Benchmark Audit For Google Android.