CVE-2025-9135
BaseFortify

Publication date: 2025-08-19

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer, BusBahnBim and Salzburg Verkehr up to 12.1.1(258) on Android. The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of Android application components. The attack must be initiated from a local position. The exploit is now public and may be used. Upgrading to version 12.1.2(259) is sufficient to resolve this issue. Upgrading the affected component is recommended. The vendor was contacted early and fixed the issue by "[r]emoving the task affinity of the app so it can't be copied".
Meta Information
Published
2025-08-19
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-08-19
EPSS Evaluated
2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor: verkehrsauskunft; Product: smartride; Version / Range: up to 12.1.2(259), excluding
CWE ID and Description
CWE-926: The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains.
NVD-CWE-noinfo: Insufficient Information (no specific CWE assigned by NVD)
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-9135 is a Task Hijacking vulnerability in the Android applications Verkehrsauskunft Österreich SmartRide and cleVVVer version 12.1.1(258). It arises from improper export of Android application components in the AndroidManifest.xml file, which allows malicious apps to inherit the permissions of the vulnerable app. This enables attackers to manipulate or take over Android tasks, often to phish login credentials. The vulnerability affects all Android versions prior to Android 11 and requires local access to be exploited. [1, 2]


How can this vulnerability impact me?

This vulnerability can allow a malicious application on the same device to hijack tasks of the vulnerable app, inheriting its permissions. This can lead to phishing of login credentials or unauthorized access to sensitive app functions, potentially compromising user data and security. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by analyzing the AndroidManifest.xml file of the affected applications (Verkehrsauskunft Österreich SmartRide, cleVVVer, and BusBahnBim up to version 12.1.1(258)) to check for improperly exported Android application components. Specifically, look for components that are exported without proper restrictions, which could allow task hijacking. On an Android device or emulator, you can extract the APK and use commands such as 'aapt dump xmltree <app.apk> AndroidManifest.xml' or 'apktool d <app.apk>' to inspect the manifest file for exported components. Additionally, monitoring for suspicious task hijacking behavior or unauthorized permission inheritance by other apps may help detect exploitation attempts. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves upgrading the affected applications to version 12.1.2(259) or later, which resolves the issue. If upgrading is not immediately possible, modify the AndroidManifest.xml file to restrict or remove the improper export of application components to prevent unauthorized task hijacking. This includes setting 'exported' attributes appropriately and ensuring components are not accessible to malicious apps. Applying these changes blocks unauthorized access and task manipulation. [1, 2]
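As an added defensive example (not code from this page or from the vendor), the following Python linter applies the detection advice above and the mitigation answer's manifest checks to an apktool-decoded AndroidManifest.xml: it reports exported components (CWE-926) and activities that still carry the default task affinity, which is what the vendor's fix removed. The package name, component names and manifest are constructed sample data, not taken from the affected app.

```python
# Added example: lints an apktool-decoded AndroidManifest.xml for CWE-926
# exposure (exported components) and for activities keeping the default
# taskAffinity, which the vendor fix for this CVE removed. Sample is constructed.
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.transit">
  <application>
    <activity android:name=".LoginActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".TicketActivity" android:exported="false"
              android:taskAffinity=""/>
    <receiver android:name=".PushReceiver" android:exported="true"/>
  </application>
</manifest>"""


def is_exported(comp):
    """Explicit android:exported wins; otherwise an intent-filter implies export
    (simplified: ignores the targetSdk-dependent default for providers)."""
    explicit = comp.get(A + "exported")
    if explicit is not None:
        return explicit.lower() == "true"
    return comp.find("intent-filter") is not None


def lint_manifest(xml_text):
    """Return sorted (finding, component_name) pairs for one manifest."""
    root = ET.fromstring(xml_text)
    package = root.get("package", "")
    app = root.find("application")
    app_affinity = app.get(A + "taskAffinity") if app is not None else None
    findings = []
    for comp in root.iter():
        if comp.tag not in COMPONENTS:
            continue
        name = comp.get(A + "name", "?")
        if is_exported(comp):
            kind = "EXPORTED" if comp.get(A + "exported") else "IMPLICIT_EXPORT"
            findings.append((kind, name))
        if comp.tag in ("activity", "activity-alias"):
            # Effective affinity: activity attr, else <application> attr, else
            # the package name. An empty string opts the activity out.
            affinity = comp.get(A + "taskAffinity", app_affinity)
            if affinity is None or affinity == package:
                findings.append(("DEFAULT_TASK_AFFINITY", name))
    return sorted(findings)
```

Run it against the `AndroidManifest.xml` that `apktool d <app.apk>` writes out; IMPLICIT_EXPORT findings are the ones to review first, since they are exported without any explicit decision in the manifest.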

