Remote Information Disclosure Vulnerability in Android-10: Exploiting BROWSEABLE Intents to Access Sensitive URLs
CVE-2019-9428 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
In the Framework, it is possible to set up BROWSEABLE intents to take over certain URLs. This could lead to remote information disclosure of sensitive URLs with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110150807
Learn more about our Cis Benchmark Audit For Google Android.