In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111893041
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/android-10 | Vendor Advisory |
Configurations
Information
Published : 2019-09-27 12:15
Updated : 2019-10-02 06:56
NVD link : CVE-2019-9414
Mitre link : CVE-2019-9414
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
- android