CVE-2025-10716
BaseFortify
Publication date: 2025-09-19
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| creality | cloud_app | 6.1.0 |
| creality | cloud_app | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-926 | The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a flaw in the Creality Cloud App up to version 6.1.0 on Android, specifically related to the AndroidManifest.xml file in the component com.cxsw.sdprinter. It allows improper export of Android application components due to manipulation, which can be exploited locally on the device. The exploit has been published and may be used.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access or manipulation of exported Android application components, potentially compromising the confidentiality, integrity, and availability of the app's data or functionality. Since the attack can be launched locally, it may allow an attacker with local access to escalate privileges or access sensitive information.