CVE-2018-9475 – This vulnerability allows remote attackers to e... (How to Fix)

Q: What is the severity of CVE-2018-9475?

CVE-2018-9475 has a CVSS score of 8.8 (HIGH). This vulnerability allows remote attackers to execute arbitrary code via Bluetooth on Android devices with SIP calling enabled. It affects Android devices running vulnerable versions, requiring no user interaction for exploitation.

📋 TL;DR

This vulnerability allows remote attackers to execute arbitrary code via Bluetooth on Android devices with SIP calling enabled. It affects Android devices running vulnerable versions, requiring no user interaction for exploitation.

💻 Affected Systems

Products:

Android

Versions: Android 8.0 and 8.1

Operating Systems: Android

Default Config Vulnerable: ✅ No

Notes: Only vulnerable when SIP calling is enabled in Bluetooth settings.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data theft, and persistent backdoor installation.

🟠

Likely Case

Device crash or limited code execution due to exploit complexity, potentially leading to privilege escalation.

🟢

If Mitigated

No impact if Bluetooth is disabled or device is patched.

🌐 Internet-Facing: LOW (requires Bluetooth proximity, not internet)

🏢 Internal Only: HIGH (exploitable within Bluetooth range without authentication)

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires Bluetooth proximity and SIP calling enabled. No authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Patch Level 2018-09-01 or later

Vendor Advisory: https://source.android.com/security/bulletin/2018-09-01

Restart Required: Yes

Instructions:

1. Go to Settings > System > System update. 2. Check for updates. 3. Install Android Security Patch Level 2018-09-01 or later. 4. Restart device.

🔧 Temporary Workarounds

Disable Bluetooth

android

Turn off Bluetooth to prevent exploitation.

adb shell settings put global bluetooth_on 0

Disable SIP Calling

android

Disable SIP calling in Bluetooth settings.

Navigate to Settings > Connected devices > Connection preferences > Calling > SIP accounts > Disable

🧯 If You Can't Patch

Disable Bluetooth when not in use
Disable SIP calling in Bluetooth settings

🔍 How to Verify

Check if Vulnerable:

Check Android version and security patch level in Settings > About phone > Android version.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level is 2018-09-01 or later in Settings > About phone > Android version.

📡 Detection & Monitoring

Log Indicators:

Bluetooth stack crashes in logcat
SIP-related errors in Bluetooth logs

Network Indicators:

Unusual Bluetooth pairing attempts
SIP protocol anomalies over Bluetooth

SIEM Query:

source="android_logs" AND "btif_hf" AND "stack" AND "overflow"

📊 Metadata

CVE ID: CVE-2018-9475

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: November 20, 2024

Last Updated: December 18, 2024

🔗 References

https://source.android.com/security/bulletin/2018-09-01 Patch,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2018-9475, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Android by Google

Android by Google

Android by Google

Android by Google

Android by Google

Android by Google

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Disable Bluetooth

Disable SIP Calling

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities