CVE-2018-9373
Published: 28 January 2025
Summary
CVE-2018-9373 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Google Android. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 18.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2018-9373 is a vulnerability in the TdlsexRxFrameHandle function of the MTK WLAN driver, where a missing bounds check enables an out-of-bounds write (CWE-787). This issue affects the MTK WLAN driver component, as documented in Android security resources.
The vulnerability allows exploitation over an adjacent network (AV:A) with low complexity (AC:L), requiring no privileges (PR:N) or user interaction (UI:N). A successful attack leads to remote escalation of privilege without additional execution privileges, impacting confidentiality, integrity, and availability at a high level (C:H/I:H/A:H) and yielding a CVSS v3.1 base score of 8.8.
The Android security bulletin dated June 1, 2018 (https://source.android.com/security/bulletin/2018-06-01) addresses this vulnerability, providing patch details for mitigation in affected Android releases.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-20967
Vulnerability details
In TdlsexRxFrameHandle of the MTK WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed…
more
for exploitation.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Out-of-bounds write in WLAN driver directly enables local/remote privilege escalation via exploitation (T1068).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the missing bounds check in TdlsexRxFrameHandle of the MTK WLAN driver by applying the vendor-provided patch from the Android security bulletin.
Requires bounds checking and validation of received frames in the WLAN driver to prevent out-of-bounds writes.
Implements memory safeguards like non-executable regions and stack canaries to mitigate exploitation of the out-of-bounds write for privilege escalation.