Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Exposure of Applications' Encryption PINs in Kruger&Matz AppLock
Vulnerability Description
An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.android.providers.settings.fingerprint.PriFpShareProvider“ content provider's public method query() allows any other malicious application, without any granted Android system permissions, to exfiltrate the PIN code. Only version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability. Application update was released in April 2025.
CVSS Information
N/A
Vulnerability Type
CWE-926
Vulnerability Title
Krüger&Matz com.pri.applock 安全漏洞
Vulnerability Description
Krüger&Matz com.pri.applock是Krüger&Matz公司的一款手机应用程序组件。 Krüger&Matz com.pri.applock存在安全漏洞,该漏洞源于内容提供者查询方法允许PIN码泄露。
CVSS Information
N/A
Vulnerability Type
N/A