CVE-2025-8258
BaseFortify
Publication date: 2025-07-28
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| coolmo | maigcal_number | 1.0.0 |
| coolmo | maigcal_number | 1.0.1 |
| coolmo | maigcal_number | 1.0.2 |
| coolmo | maigcal_number | 1.0.3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-926 | The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains. |
| CWE-NVD-CWE-Other |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8258 is a vulnerability in the Cool Mo Maigcal Number Android app (version up to 1.0.3) caused by improper export of application components in the AndroidManifest.xml file. This improper export allows malicious local attackers to hijack tasks by manipulating or taking over Android tasks, potentially inheriting the app's permissions. The vulnerability arises because the app fails to restrict which other applications can access or launch its components, leading to a Task Hijacking issue. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing a local attacker to hijack tasks within the vulnerable app, potentially gaining access to sensitive information or permissions that the app holds. This can lead to phishing attacks, such as stealing login credentials, and compromise the confidentiality, integrity, and availability of the application. Exploitation requires local access to the device, and the vulnerability affects all Android versions prior to Android 11. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by inspecting the AndroidManifest.xml file of the Cool Mo Maigcal Number App (com.sdmagic.number) version 1.0.3 for improperly exported components. Since the exploit requires local access, you can check the app's manifest for exported components that lack proper restrictions. Additionally, attackers may use Google hacking techniques such as searching for 'inurl:AndroidManifest.xml' to find vulnerable targets. Specific commands to detect this locally could include using 'adb' to pull the APK and then extract and inspect the AndroidManifest.xml file, for example: 1. adb shell pm path com.sdmagic.number 2. adb pull <path_to_apk> 3. Use tools like 'apktool' to decode the APK and inspect AndroidManifest.xml for exported components. However, no explicit detection commands are provided in the resources. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves modifying the AndroidManifest.xml file of the affected app to prevent unauthorized export of application components, thereby blocking task hijacking attempts. This means restricting the 'exported' attribute of components to false or properly defining permissions to limit access. Since the vulnerability requires local access, avoiding installation of the vulnerable app or replacing it with an alternative product is also recommended. No official patches or countermeasures have been published yet. [1, 2]