漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Exposure of Applications' Encryption PINs in Kruger&Matz AppLock
Vulnerability Description
An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.android.providers.settings.fingerprint.PriFpShareProvider“ content provider's public method query() allows any other malicious application, without any granted Android system permissions, to exfiltrate the PIN code. Only version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability. Application update was released in April 2025.
CVSS Information
N/A
Vulnerability Type
CWE-926
Vulnerability Title
Krüger&Matz com.pri.applock 安全漏洞
Vulnerability Description
Krüger&Matz com.pri.applock是Krüger&Matz公司的一款手机应用程序组件。 Krüger&Matz com.pri.applock存在安全漏洞,该漏洞源于内容提供者查询方法允许PIN码泄露。
CVSS Information
N/A
Vulnerability Type
N/A