Android

1M Times Downloaded Android Printing App Can Be Abused to Drop Malware

by Esmeralda McKenzie
written by Esmeralda McKenzie
1M Times Downloaded Android Printing App Can Be Abused to Drop Malware

1M Times Downloaded Android Printing App Can Be Abused to Drop Malware

Android Printing App

A severe security trouble has been found by the Jap Vulnerability Notes (JVN) with the Kyocera Android printing app.

The security flaw has been tracked as CVE-2023-25954. Particularly, the app is in threat of cross intent handling, which might perhaps perhaps well enable malicious applications to profit from the flaw.

This might perhaps allow it to download cross malware onto units, posing a principal threat to users.

In light of the aforementioned security trouble, KYOCERA has taken swift action and launched a security bulletin to yell users of the potential vulnerability.

Merchandise Affected

Right here below, now we enjoy mentioned the products that are affected:-

  • Android app “KYOCERA Mobile Print”, v3.2.0.230119, and earlier, it has 1 million downloads on Google Play.
  • Android app “UTAX/TA MobilePrint”, v3.2.0.230119, and earlier, it has 100k downloads on Google Play.
  • ​Android app “Olivetti Mobile Print”, v3.2.0.230119, and earlier, it has 10k downloads on Google Play.

Despite being printed by assorted publishers, it has been found that each one these three apps portion the the same source code.

This suggests the vulnerability impacts all three apps, irrespective of their respective publishers. The bulletin urges all users of the affected printing app to fortify to the most up-to-date model, 3.2.0.230227, which is without delay readily accessible for download on Google Play.

For the a success execution of the attack, the particular person would also want to put in a separate and malicious software program on their tool.

Right here the secondary malicious app shall be feeble to region off the payload download, which might perhaps enable the vulnerability to be exploited. Besides this, a malicious app will be with out concerns distributed that exploits this vulnerability.

Because it wouldn’t require any terrible code to be incorporated in it, or upon set up, it wouldn’t must ask for suspicious permissions.

Nevertheless, Android 14 is anticipated to enjoy enhanced security for intent handling. Because of this, it might perhaps well perhaps well decrease the connected dangers and design it more sophisticated to disguise the appropriate nature of files exchanges.

Associated Be taught:

  • Novel Android Banking Malware Attacking Over 400 Monetary Apps
  • Weaponized Telegram and WhatsApp Apps Attack Android & House windows Customers
  • Beware! Incorrect ChatGPT House windows & Android Apps Bring Unhealthy Malware
  • PixPirate Android Malware Stealing Banking Passwords From Browsers

Source credit : cybersecuritynews.com

Related Posts

Konfety Hackers Hosted 250 apps on Google’s Play...

Leaked Cellebrite Tool Docs Reveal List of Phones...

SpyMax RAT Attacking Android Users Via Telegram to...

New Android Rafel RAT Takes Complete Control Of...

Arid Viper Weaponizing Android Apps To Exfiltrate Login...

WPS Office For Android Vulnerability Puts Over 500...

New CraxsRAT Version Claims Capability To Bypass Google...

Finland Warns Of New Android Malware Stealing Banking...

Multiple Xiaomi Android Devices Vulnerability Let Attackers Hijack...

Path Traversal Vulnerability In Popular Android Apps Let...