CVE-2018-11922
published 2024-11-26CVE-2018-11922: Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
PriorityP423medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
EPSS
0.23%
13.4th percentile
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Android
CVE-2018-11922: Closed-source component
vendor_android·2018-12-01·CVSS 9.8
CVE-2018-11922 [CRITICAL] CVE-2018-11922: Closed-source component
Android Security Bulletin 2018-12-01
CVE: CVE-2018-11922
Severity: HIGH
Type: N/A
Component: Closed-source component
References: A-112279564*
GHSA
GHSA-92v2-fpqg-mwfv: Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user
ghsa_unreviewed·2024-11-26
CVE-2018-11922 [CRITICAL] GHSA-92v2-fpqg-mwfv: Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-11-26
Published