Cyber Resilience

CVE-2018-9373

High

Published: 28 January 2025

Published
28 January 2025
Modified
10 July 2025
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0159 82.0th percentile
Risk Priority 19 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2018-9373 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Google Android. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 18.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2018-9373 is a vulnerability in the TdlsexRxFrameHandle function of the MTK WLAN driver, where a missing bounds check enables an out-of-bounds write (CWE-787). This issue affects the MTK WLAN driver component, as documented in Android security resources.

The vulnerability allows exploitation over an adjacent network (AV:A) with low complexity (AC:L), requiring no privileges (PR:N) or user interaction (UI:N). A successful attack leads to remote escalation of privilege without additional execution privileges, impacting confidentiality, integrity, and availability at a high level (C:H/I:H/A:H) and yielding a CVSS v3.1 base score of 8.8.

The Android security bulletin dated June 1, 2018 (https://source.android.com/security/bulletin/2018-06-01) addresses this vulnerability, providing patch details for mitigation in affected Android releases.

EU & UK References

Vulnerability details

In TdlsexRxFrameHandle of the MTK WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed…

more

for exploitation.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Out-of-bounds write in WLAN driver directly enables local/remote privilege escalation via exploitation (T1068).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-49745Same product: Google Android
CVE-2024-53837Same product: Google Android
CVE-2024-53838Same product: Google Android
CVE-2026-0124Same product: Google Android
CVE-2024-49738Same product: Google Android
CVE-2026-0037Same product: Google Android
CVE-2026-0117Same product: Google Android
CVE-2026-0123Same product: Google Android
CVE-2024-43077Same product: Google Android
CVE-2026-0010Same product: Google Android

Affected Assets

google
android
all versions

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the missing bounds check in TdlsexRxFrameHandle of the MTK WLAN driver by applying the vendor-provided patch from the Android security bulletin.

prevent

Requires bounds checking and validation of received frames in the WLAN driver to prevent out-of-bounds writes.

prevent

Implements memory safeguards like non-executable regions and stack canaries to mitigate exploitation of the out-of-bounds write for privilege escalation.

References