CWE-926
Improper Export of Android Application Components
The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains.
CVE-2024-13915 (GCVE-0-2024-13915)
Vulnerability from cvelistv5 – Published: 2025-05-30 15:09 – Updated: 2025-06-10 08:49
Title
Unrestricted Access to Exported Service in com.pri.factorytest
Summary
Android-based smartphones from vendors such as Ulefone and Krüger&Matz contain the "com.pri.factorytest" application, preloaded onto devices during the manufacturing process.
The application "com.pri.factorytest" (version name: 1.0, version code: 1) exposes a "com.pri.factorytest.emmc.FactoryResetService" service, allowing any application to perform a factory reset of the device.
The application update did not increment the APK version. Instead, it was bundled in OS builds released later than December 2024 (Ulefone) and April 2025 (Krüger&Matz).
Severity
CWE
- CWE-926 - Improper Export of Android Application Components
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/05/CVE-2024-13915 | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version |
|---|---|---|
| Ulefone | com.pri.factorytest | Unknown: 0, ≤ 1.0 (semver) |
| Krüger&Matz | com.pri.factorytest | Unknown: 0, ≤ 1.0 (semver) |
Date Public
2025-05-30 15:09
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13915",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T16:00:23.806310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T16:02:14.501Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "com.pri.factorytest",
"vendor": "Ulefone",
"versions": [
{
"lessThanOrEqual": "1.0",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "com.pri.factorytest",
"vendor": "Kr\u00fcger\u0026Matz",
"versions": [
{
"lessThanOrEqual": "1.0",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Szymon Chadam"
}
],
"datePublic": "2025-05-30T15:09:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Android based smartphones from vendors such as Ulefone and\u0026nbsp;Kr\u00fcger\u0026amp;Matz contain \"com.pri.factorytest\" application preloaded onto devices during manufacturing process.\u003cbr\u003eThe application\u0026nbsp;\"com.pri.factorytest\"\u0026nbsp;(version name: 1.0, version code: 1)\u0026nbsp;exposes a \u201dcom.pri.factorytest.emmc.FactoryResetService\u201c service allowing any application to perform a factory reset of the device.\u0026nbsp;\u003cbr\u003eApplication update did not increment the APK version. Instead, it was bundled in OS builds released later than December 2024 (Ulefone) and April 2025 (Kr\u00fcger\u0026amp;Matz).\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Android based smartphones from vendors such as Ulefone and\u00a0Kr\u00fcger\u0026Matz contain \"com.pri.factorytest\" application preloaded onto devices during manufacturing process.\nThe application\u00a0\"com.pri.factorytest\"\u00a0(version name: 1.0, version code: 1)\u00a0exposes a \u201dcom.pri.factorytest.emmc.FactoryResetService\u201c service allowing any application to perform a factory reset of the device.\u00a0\nApplication update did not increment the APK version. Instead, it was bundled in OS builds released later than December 2024 (Ulefone) and April 2025 (Kr\u00fcger\u0026Matz)."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T08:49:37.732Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/05/CVE-2024-13915"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unrestricted Access to Exported Service in com.pri.factorytest",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-13915",
"datePublished": "2025-05-30T15:09:58.520Z",
"dateReserved": "2025-03-04T13:18:34.018Z",
"dateUpdated": "2025-06-10T08:49:37.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13916 (GCVE-0-2024-13916)
Vulnerability from cvelistv5 – Published: 2025-05-30 15:16 – Updated: 2025-10-03 09:01
Title
Exposure of Applications' Encryption PINs in Kruger&Matz AppLock
Summary
An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using a user-provided PIN code or biometric data.
The exposed "com.android.providers.settings.fingerprint.PriFpShareProvider" content provider's public method query() allows any other malicious application, without any granted Android system permissions, to exfiltrate the PIN code.
Only one version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability.
An application update was released in April 2025.
Severity
CWE
- CWE-926 - Improper Export of Android Application Components
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/05/CVE-2024-13915 | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| Kruger&Matz | com.pri.applock | Affected: 13 |
Date Public
2025-05-30 10:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13916",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T15:46:06.274077Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T15:46:37.820Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "com.pri.applock",
"vendor": "Kruger\u0026Matz",
"versions": [
{
"status": "affected",
"version": "13"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Szymon Chadam"
}
],
"datePublic": "2025-05-30T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An\u0026nbsp;application \"com.pri.applock\", which is pre-loaded on\u0026nbsp;Kruger\u0026amp;Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data.\u003cbr\u003eExposed \u201dcom.android.providers.settings.fingerprint.PriFpShareProvider\u201c content provider\u0027s public method \u003ci\u003equery()\u003c/i\u003e allows any other malicious application, without any granted Android system permissions, to exfiltrate the PIN code.\u003cbr\u003e\u003cbr\u003eOnly version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability. \u003cbr\u003eApplication update was released in April 2025."
}
],
"value": "An\u00a0application \"com.pri.applock\", which is pre-loaded on\u00a0Kruger\u0026Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data.\nExposed \u201dcom.android.providers.settings.fingerprint.PriFpShareProvider\u201c content provider\u0027s public method query() allows any other malicious application, without any granted Android system permissions, to exfiltrate the PIN code.\n\nOnly version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability. \nApplication update was released in April 2025."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-03T09:01:35.255Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/05/CVE-2024-13915"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Exposure of Applications\u0027 Encryption PINs in Kruger\u0026Matz AppLock",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-13916",
"datePublished": "2025-05-30T15:16:03.066Z",
"dateReserved": "2025-03-04T13:18:35.318Z",
"dateUpdated": "2025-10-03T09:01:35.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13917 (GCVE-0-2024-13917)
Vulnerability from cvelistv5 – Published: 2025-05-30 15:17 – Updated: 2025-06-10 09:12
Title
Intent Injection in Kruger&Matz AppLock application
Summary
An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using a user-provided PIN code or biometric data.
The exposed "com.pri.applock.LockUI" activity allows any other malicious application, with no granted Android system permissions, to inject an arbitrary intent with system-level privileges into a protected application. One must know the protecting PIN number (it might be revealed by exploiting CVE-2024-13916) or ask the user to provide it.
Only one version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability.
An application update was released in April 2025.
Severity
CWE
- CWE-926 - Improper Export of Android Application Components
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/05/CVE-2024-13915 | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| Kruger&Matz | com.pri.applock | Affected: 13 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13917",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T15:38:27.152404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T15:38:38.937Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "com.pri.applock",
"vendor": "Kruger\u0026Matz",
"versions": [
{
"status": "affected",
"version": "13"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Szymon Chadam"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An\u0026nbsp;application \"com.pri.applock\", which is pre-loaded on\u0026nbsp;Kruger\u0026amp;Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data.\u003cbr\u003eExposed \u201dcom.pri.applock.LockUI\u201c activity allows any other malicious application, with no granted Android system permissions, to inject an arbitrary intent with system-level privileges to a protected application. One must know the protecting PIN number (it might be revealed by exploiting\u0026nbsp;CVE-2024-13916) or ask the user to provide it.\u003cbr\u003e\u003cbr\u003eOnly version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability. \u003cbr\u003eApplication update was released in April 2025.\u003cbr\u003e"
}
],
"value": "An\u00a0application \"com.pri.applock\", which is pre-loaded on\u00a0Kruger\u0026Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data.\nExposed \u201dcom.pri.applock.LockUI\u201c activity allows any other malicious application, with no granted Android system permissions, to inject an arbitrary intent with system-level privileges to a protected application. One must know the protecting PIN number (it might be revealed by exploiting\u00a0CVE-2024-13916) or ask the user to provide it.\n\nOnly version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability. \nApplication update was released in April 2025."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T09:12:56.279Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/05/CVE-2024-13915"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Intent Injection in Kruger\u0026Matz AppLock application",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-13917",
"datePublished": "2025-05-30T15:17:47.318Z",
"dateReserved": "2025-03-04T13:18:36.774Z",
"dateUpdated": "2025-06-10T09:12:56.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27086 (GCVE-0-2024-27086)
Vulnerability from cvelistv5 – Published: 2024-04-16 21:34 – Updated: 2024-08-02 00:27
Title
MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service
Summary
The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android (e.g., MAUI) using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability.
A malicious application running on a customer Android device can cause local denial of service against applications that were built using MSAL.NET for authentication on the same device (i.e., prevent the user of the legitimate application from logging in) due to incorrect activity export configuration. MSAL.NET version 4.60.1 includes the fix. As a workaround, a developer may explicitly mark the MSAL.NET activity non-exported.
Severity
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/AzureAD/microsoft-authenticati… | x_refsource_CONFIRM |
| https://github.com/AzureAD/microsoft-authenticati… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| AzureAD | microsoft-authentication-library-for-dotnet | Affected: >= 4.48.0, < 4.59.1; Affected: >= 4.60.0, < 4.60.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27086",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-26T15:25:35.664179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T15:25:43.905Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:57.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/security/advisories/GHSA-x674-v45j-fwxw",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/security/advisories/GHSA-x674-v45j-fwxw"
},
{
"name": "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/commit/413e319472ccf48c86647f19fa2aa49ff6038488",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/commit/413e319472ccf48c86647f19fa2aa49ff6038488"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "microsoft-authentication-library-for-dotnet",
"vendor": "AzureAD",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.48.0, \u003c 4.59.1"
},
{
"status": "affected",
"version": "\u003e= 4.60.0, \u003c 4.60.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android (e.g., MAUI) using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. \nA malicious application running on a customer Android device can cause local denial of service against applications that were built using MSAL.NET for authentication on the same device (i.e., prevent the user of the legitimate application from logging in) due to incorrect activity export configuration. MSAL.NET version 4.60.1 includes the fix. As a workaround, a developer may explicitly mark the MSAL.NET activity non-exported."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926: Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-16T21:34:25.839Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/security/advisories/GHSA-x674-v45j-fwxw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/security/advisories/GHSA-x674-v45j-fwxw"
},
{
"name": "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/commit/413e319472ccf48c86647f19fa2aa49ff6038488",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/commit/413e319472ccf48c86647f19fa2aa49ff6038488"
}
],
"source": {
"advisory": "GHSA-x674-v45j-fwxw",
"discovery": "UNKNOWN"
},
"title": "MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-27086",
"datePublished": "2024-04-16T21:34:25.839Z",
"dateReserved": "2024-02-19T14:43:05.992Z",
"dateUpdated": "2024-08-02T00:27:57.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3479 (GCVE-0-2024-3479)
Vulnerability from cvelistv5 – Published: 2024-05-03 14:10 – Updated: 2024-08-01 20:12
Summary
An improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider (com.motorola.server.enterprise.MotoDpmsProvider) that could allow a local attacker to read local data.
Severity
CWE
- CWE-926 - Improper Export of Android Application Components
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T16:48:35.392275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T16:48:42.302Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:07.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178947"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper export vulnerability was reported in the \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMotorola Enterprise \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMoto\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDp\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003em\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003es\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eProvider \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e(\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecom.motorola\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.server.enterprise.MotoDpmsProvider\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e) \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethat could allow a \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003elocal attacker to read \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003elocal \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edata\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e"
}
],
"value": "\nAn improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider (com.motorola.server.enterprise.MotoDpmsProvider) that could allow a local attacker to read local data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926: Improper Export of Android Application Components ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:10:07.470Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178947"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-3479",
"datePublished": "2024-05-03T14:10:07.470Z",
"dateReserved": "2024-04-08T18:34:57.602Z",
"dateUpdated": "2024-08-01T20:12:07.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6051 (GCVE-0-2024-6051)
Vulnerability from cvelistv5 – Published: 2024-09-30 12:33 – Updated: 2025-10-03 09:04
Title
Cross Application Scripting in Redlink SDK
Summary
A Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK allows, in specific situations, local code injection and manipulation of the view of a vulnerable application. This issue affects Redlink SDK versions through 1.13.
Severity
CWE
- CWE-926 - Improper Export of Android Application Components
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/09/CVE-2024-6051/ | third-party-advisory |
| https://cert.pl/posts/2024/09/CVE-2024-6051/ | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| Vercom S.A. | Redlink SDK | Affected: 0, ≤ 1.13 (custom) |
Date Public
2024-09-30 10:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6051",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T14:34:26.074722Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T14:34:54.427Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Redlink SDK",
"repo": "https://github.com/vercomsa/redlink-push-android-sdk",
"vendor": "Vercom S.A.",
"versions": [
{
"lessThanOrEqual": "1.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maksymilian Motyl (Immunity Systems)"
}
],
"datePublic": "2024-09-30T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK\u0026nbsp;in specific situations allows local code injection and to manipulate the view of a vulnerable application.\u003cp\u003eThis issue affects Redlink SDK versions through 1.13.\u003c/p\u003e"
}
],
"value": "Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK\u00a0in specific situations allows local code injection and to manipulate the view of a vulnerable application.This issue affects Redlink SDK versions through 1.13."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "CLEAR",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:L/U:Clear",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-03T09:04:28.944Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/09/CVE-2024-6051/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/09/CVE-2024-6051/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Cross Application Scripting in Redlink SDK",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-6051",
"datePublished": "2024-09-30T12:33:25.438Z",
"dateReserved": "2024-06-17T09:27:09.006Z",
"dateUpdated": "2025-10-03T09:04:28.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10195 (GCVE-0-2025-10195)
Vulnerability from cvelistv5 – Published: 2025-09-10 00:02 – Updated: 2025-09-10 13:05
Title
Seismic App com.seismic.doccenter AndroidManifest.xml improper export of android application components
Summary
A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.seismic.doccenter. Such manipulation leads to improper export of Android application components. The attack has to be carried out locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
CWE
- CWE-926 - Improper Export of Android Application Components
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.323235 | vdb-entry |
| https://vuldb.com/?ctiid.323235 | signature, permissions-required |
| https://vuldb.com/?submit.639041 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Seismic App | Affected: 2.4.2 | |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10195",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T13:05:53.151583Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T13:05:57.042Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.seismic.doccenter.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.seismic.doccenter.md#steps-to-reproduce"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.seismic.doccenter"
],
"product": "Seismic App",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.4.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.seismic.doccenter. Such manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Seismic App 2.4.2 auf Android ist eine Schwachstelle entdeckt worden. Betroffen hiervon ist ein unbekannter Ablauf der Datei AndroidManifest.xml der Komponente com.seismic.doccenter. Durch die Manipulation mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Der Angriff muss lokal durchgef\u00fchrt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T00:02:05.924Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-323235 | Seismic App com.seismic.doccenter AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.323235"
},
{
"name": "VDB-323235 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.323235"
},
{
"name": "Submit #639041 | Seismic Software seismic(com.seismic.doccenter) 2.4.2 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.639041"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.seismic.doccenter.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.seismic.doccenter.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-09T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-09T18:12:55.000Z",
"value": "VulDB entry last update"
}
],
"title": "Seismic App com.seismic.doccenter AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10195",
"datePublished": "2025-09-10T00:02:05.924Z",
"dateReserved": "2025-09-09T16:07:41.525Z",
"dateUpdated": "2025-09-10T13:05:57.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10715 (GCVE-0-2025-10715)
Vulnerability from cvelistv5 – Published: 2025-09-19 13:32 – Updated: 2025-09-19 13:50
Title
APEUni PTE Exam Practice App com.ape_edication AndroidManifest.xml improper export of android application components
Summary
A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The impacted element is an unknown function of the file AndroidManifest.xml of the component com.ape_edication. The manipulation results in improper export of android application components. The attack requires a local approach. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
CWE
- CWE-926 - Improper Export of Android Application Components
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325003 | vdb-entry |
| https://vuldb.com/?ctiid.325003 | signature, permissions-required |
| https://vuldb.com/?submit.645006 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| APEUni | PTE Exam Practice App | Affected: 10.0, 10.1, 10.2, 10.3, 10.4, 10.5, 10.6, 10.7, 10.8.0 | |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10715",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T13:50:33.393488Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T13:50:48.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.ape_edication"
],
"product": "PTE Exam Practice App",
"vendor": "APEUni",
"versions": [
{
"status": "affected",
"version": "10.0"
},
{
"status": "affected",
"version": "10.1"
},
{
"status": "affected",
"version": "10.2"
},
{
"status": "affected",
"version": "10.3"
},
{
"status": "affected",
"version": "10.4"
},
{
"status": "affected",
"version": "10.5"
},
{
"status": "affected",
"version": "10.6"
},
{
"status": "affected",
"version": "10.7"
},
{
"status": "affected",
"version": "10.8.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The impacted element is an unknown function of the file AndroidManifest.xml of the component com.ape_edication. The manipulation results in improper export of android application components. The attack requires a local approach. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In APEUni PTE Exam Practice App bis 10.8.0 auf Android ist eine Schwachstelle entdeckt worden. Dabei geht es um eine nicht genauer bekannte Funktion der Datei AndroidManifest.xml der Komponente com.ape_edication. Durch das Manipulieren mit unbekannten Daten kann eine improper export of android application components-Schwachstelle ausgenutzt werden. Der Angriff muss auf lokaler Ebene erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T13:32:08.187Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325003 | APEUni PTE Exam Practice App com.ape_edication AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325003"
},
{
"name": "VDB-325003 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325003"
},
{
"name": "Submit #645006 | APEUni Edu APEUni 10.8.0 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.645006"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.ape_edication.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.ape_edication.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-19T10:33:59.000Z",
"value": "VulDB entry last update"
}
],
"title": "APEUni PTE Exam Practice App com.ape_edication AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10715",
"datePublished": "2025-09-19T13:32:08.187Z",
"dateReserved": "2025-09-19T08:26:26.705Z",
"dateUpdated": "2025-09-19T13:50:48.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10716 (GCVE-0-2025-10716)
Vulnerability from cvelistv5 – Published: 2025-09-19 14:32 – Updated: 2025-09-19 16:53
Title
Creality Cloud App com.cxsw.sdprinter AndroidManifest.xml improper export of android application components
Summary
A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
CWE
- CWE-926 - Improper Export of Android Application Components
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325007 | vdb-entry |
| https://vuldb.com/?ctiid.325007 | signature, permissions-required |
| https://vuldb.com/?submit.645009 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10716",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T16:52:54.663268Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T16:53:10.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.cxsw.sdprinter.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.cxsw.sdprinter"
],
"product": "Cloud App",
"vendor": "Creality",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Creality Cloud App bis 6.1.0 auf Android ist eine Schwachstelle entdeckt worden. Betroffen davon ist eine unbekannte Funktion der Datei AndroidManifest.xml der Komponente com.cxsw.sdprinter. Die Manipulation f\u00fchrt zu improper export of android application components. Der Angriff muss lokal passieren. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T14:32:06.250Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325007 | Creality Cloud App com.cxsw.sdprinter AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325007"
},
{
"name": "VDB-325007 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325007"
},
{
"name": "Submit #645009 | Creality Cloud 6.1.0 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.645009"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.cxsw.sdprinter.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-19T10:34:40.000Z",
"value": "VulDB entry last update"
}
],
"title": "Creality Cloud App com.cxsw.sdprinter AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10716",
"datePublished": "2025-09-19T14:32:06.250Z",
"dateReserved": "2025-09-19T08:29:22.669Z",
"dateUpdated": "2025-09-19T16:53:10.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10717 (GCVE-0-2025-10717)
Vulnerability from cvelistv5 – Published: 2025-09-19 14:32 – Updated: 2025-09-19 16:52
Title
intsig CamScanner App com.intsig.camscanner AndroidManifest.xml improper export of android application components
Summary
A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.intsig.camscanner. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
CWE
- CWE-926 - Improper Export of Android Application Components
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325008 | vdb-entry |
| https://vuldb.com/?ctiid.325008 | signature, permissions-required |
| https://vuldb.com/?submit.645010 | third-party-advisory |
| https://github.com/KMov-g/androidapps/blob/main/c… | related |
| https://github.com/KMov-g/androidapps/blob/main/c… | exploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| intsig | CamScanner App | Affected: 6.91.1.5.250711 | |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10717",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-19T16:52:07.941304Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T16:52:27.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.intsig.camscanner.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"com.intsig.camscanner"
],
"product": "CamScanner App",
"vendor": "intsig",
"versions": [
{
"status": "affected",
"version": "6.91.1.5.250711"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "fxizenta (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.intsig.camscanner. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in intsig CamScanner App 6.91.1.5.250711 auf Android gefunden. Es betrifft eine unbekannte Funktion der Datei AndroidManifest.xml der Komponente com.intsig.camscanner. Die Ver\u00e4nderung resultiert in improper export of android application components. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T14:32:08.701Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325008 | intsig CamScanner App com.intsig.camscanner AndroidManifest.xml improper export of android application components",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325008"
},
{
"name": "VDB-325008 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325008"
},
{
"name": "Submit #645010 | INTSIG PTE CamScanner 6.91.1.5.2507110000 Task Hijacking",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.645010"
},
{
"tags": [
"related"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.intsig.camscanner.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/KMov-g/androidapps/blob/main/com.intsig.camscanner.md#steps-to-reproduce"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-19T11:39:32.000Z",
"value": "VulDB entry last update"
}
],
"title": "intsig CamScanner App com.intsig.camscanner AndroidManifest.xml improper export of android application components"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10717",
"datePublished": "2025-09-19T14:32:08.701Z",
"dateReserved": "2025-09-19T09:34:28.623Z",
"dateUpdated": "2025-09-19T16:52:27.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Build and Compilation
Strategy: Attack Surface Reduction
Description:
- If they do not need to be shared by other applications, explicitly mark components with android:exported="false" in the application manifest.
Mitigation
Phase: Build and Compilation
Strategy: Attack Surface Reduction
Description:
- If you only intend to use exported components between related apps under your control, use android:protectionLevel="signature" in the XML manifest to restrict access to applications signed by you.
Mitigation
Phases: Build and Compilation, Architecture and Design
Strategy: Attack Surface Reduction
Description:
- Limit Content Provider permissions (read/write) as appropriate.
Mitigation
Phases: Build and Compilation, Architecture and Design
Strategy: Separation of Privilege
Description:
- Limit Content Provider permissions (read/write) as appropriate.
No CAPEC attack patterns related to this CWE.