Android Vulnerability Leaks Sensitive Data through WiFi Broadcast

A vulnerability has been found in the Android operating system which broadcasts sensitive system data through WiFi broadcasting signals. This vulnerability is found to send out this data to all applications on the device to use as desired. This means that your WiFi network name, BSSID, local IP addresses, DNS server information, and MAC address are all revealed to applications on the device to use, information which would other wise require the penetration of a few layers of security before coming out plain.

In versions of the Android operating system 6 and above, some of this information is either unavailable or tougher to access but the principle of bypassing the security stands that if native applications pay attention to the broadcasts, they can decipher and derive this information.

The greatest concern with information such as a device’s MAC address getting out is the fact that MAC addresses are unique to the particular devices they represent. Using such information, a particular device can be tracked despite the employment of MAC address randomization. Using databases like WiGLE, a device’s physical location can also be tracked by matching its network name and BSSID against the information available in the database. This is a severe violation of privacy and security of individuals through their devices.

All versions of Android irrespective of the device models and brands they’re running on are expected to be affected by this vulnerability. The vulnerability has been given the CVE identification label CVE-2018-9489 for further investigation. It is believed to affect the Amazon Fire OS on the Kindle as well in the same way.

It seems that Google has updated its latest operating system versions Android P and 9 to mitigate this security vulnerability but there is no news yet on whether the company intends to resolve the issue in older versions of the operating system as well, and if so, when. Researchers are still looking into this vulnerability to discover whether any other operating systems are affected or whether the concept is being used to exploit random devices remotely as well.

Aaron Michael
Aaron Micheal is an electrical engineer by profession and a hard-core gamer by passion. His exceptional experience with computer hardware and profound knowledge in gaming makes him a very competent writer. What makes him unique is his growing interest in the state of the art technologies that motivates him to learn, adopt, and integrate latest techniques into his work.

Expert Tip

Android Vulnerability Leaks Sensitive Data through WiFi Broadcast

If the issue is with your Computer or a Laptop you should try using Restoro which can scan the repositories and replace corrupt and missing files. This works in most cases, where the issue is originated due to a system corruption. You can download Restoro by clicking the Download button below.

Download Now

I'm not interested