CVE-2018-9375
Published: 17 January 2025
Summary
CVE-2018-9375 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Google Android. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 12.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2018-9375 is a vulnerability in multiple functions of UserDictionaryProvider.java within Android, caused by a confused deputy issue. This flaw allows unauthorized addition and deletion of words in the user dictionary, potentially leading to local escalation of privilege. No additional execution privileges or user interaction are required for exploitation, as indicated by the CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and associated CWE-269 (Improper Privilege Management).
A local attacker with low privileges can exploit this vulnerability due to its low attack complexity and lack of need for user interaction. Successful exploitation enables escalation of privileges, resulting in high impacts on confidentiality, integrity, and availability.
The Android security bulletin for Pixel devices details patches and mitigations at https://source.android.com/security/bulletin/pixel/2018-06-01.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-20969
Vulnerability details
In multiple functions of UserDictionaryProvider.java, there is a possible way to add and delete words in the user dictionary due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction…
more
is not needed for exploitation.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct local privilege escalation via exploitation of improper privilege management (confused deputy) in Android component.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates CWE-269 improper privilege management by ensuring the UserDictionaryProvider operates with least privilege, preventing local escalation via unauthorized dictionary modifications.
Enforces approved authorizations in UserDictionaryProvider functions to block confused deputy exploitation allowing low-privilege addition/deletion of dictionary words.
Implements a reference monitor to mediate all access to the user dictionary, addressing the confused deputy flaw in provider functions.