CVE-2023-25954

Sažetak

KYOCERA Mobile Print' v3.2.0.230119 and earlier, 'UTAX/TA MobilePrint' v3.2.0.230119 and earlier, and 'Olivetti Mobile Print' v3.2.0.230119 and earlier are vulnerable to improper intent handling. When a malicious app is installed on the victim user's Android device, the app may send an intent and direct the affected app to download malicious files or apps to the device without notification.

Reference

https://jvn.jp/en/vu/JVNVU98434809/
https://play.google.com/store/apps/details?id=com.kyocera.kyoprint
https://play.google.com/store/apps/details?id=com.kyocera.kyoprintolivetti
https://play.google.com/store/apps/details?id=com.kyocera.kyoprinttautax
https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2023-04-11.html
https://jvn.jp/en/vu/JVNVU98434809/
https://play.google.com/store/apps/details?id=com.kyocera.kyoprint
https://play.google.com/store/apps/details?id=com.kyocera.kyoprintolivetti
https://play.google.com/store/apps/details?id=com.kyocera.kyoprinttautax
https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2023-04-11.html

CVSS

Base:	5.5
Impact:	3.6
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Zadnje važnije ažuriranje

07-02-2025 - 17:15

Objavljeno

13-04-2023 - 04:15