CVE-2025-8275

Sažetak

A vulnerability, which was classified as problematic, has been found in bsc Peru Cocktails App 1.0.0 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component bsc.devy.peru_cocktails. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/KMov-g/androidapps/blob/main/bsc.devy.peru_cocktails.md
https://vuldb.com/?ctiid.317864
https://vuldb.com/?id.317864
https://vuldb.com/?submit.623582

CVSS

Base:	4.3
Impact:	6.4
Exploitability:	3.1

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

29-07-2025 - 14:14

Objavljeno

28-07-2025 - 13:15