← Zuruck zu CVEs
CVE-2025-9671
MEDIUM5.3
Beschreibung
A weakness has been identified in UAB Paytend App up to 2.1.9 on Android. This impacts an unknown function of the file AndroidManifest.xml of the component com.passport.cash. Executing manipulation can lead to improper export of android application components. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
CVE Details
CVSS v3.1 Bewertung5.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht8/29/2025
Zuletzt geandert9/2/2025
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-926
Referenzen
https://github.com/KMov-g/androidapps/blob/main/com.passport.cash.md#steps-to-reproduce(cna@vuldb.com)
https://vuldb.com/?ctiid.321881(cna@vuldb.com)
https://vuldb.com/?id.321881(cna@vuldb.com)
https://vuldb.com/?submit.637922(cna@vuldb.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.