Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Intent Injection in Kruger&Matz AppLock application
Vulnerability Description
An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.pri.applock.LockUI“ activity allows any other malicious application, with no granted Android system permissions, to inject an arbitrary intent with system-level privileges to a protected application. One must know the protecting PIN number (it might be revealed by exploiting CVE-2024-13916) or ask the user to provide it. Only version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability. Application update was released in April 2025.
CVSS Information
N/A
Vulnerability Type
CWE-926
Vulnerability Title
Krüger&Matz com.pri.applock 安全漏洞
Vulnerability Description
Krüger&Matz com.pri.applock是Krüger&Matz公司的一款手机应用程序组件。 Krüger&Matz com.pri.applock存在安全漏洞,该漏洞源于LockUI活动允许任意意图注入,可能导致系统级权限提升。
CVSS Information
N/A
Vulnerability Type
N/A