Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Kakao 헤이카카오 Hey Kakao App com.kakao.i.connect AndroidManifest.xml improper export of android application components
Vulnerability Description
A vulnerability was detected in Kakao 헤이카카오 Hey Kakao App up to 2.17.4 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.kakao.i.connect. The manipulation results in improper export of android application components. The attack requires a local approach. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
CWE-926
Vulnerability Title
Kakao Hey Kakao App 安全漏洞
Vulnerability Description
Kakao Hey Kakao App是韩国Kakao公司的一款通讯应用。 Kakao Hey Kakao App 2.17.4及之前版本存在安全漏洞,该漏洞源于文件AndroidManifest.xml中组件导出不当,可能导致本地攻击。
CVSS Information
N/A
Vulnerability Type
N/A