A Kyocera Android printing app improperly handles intents, which allows other malicious apps to exploit the flaw to download and potentially install malware on devices.
According to a security advisory by JVN (Japanese Vulnerability Notes), a state-supported portal dedicated to raising awareness of security issues, the flaw is tracked as CVE-2023-25954 and affects the following applications:
Although the applications list different publishers, they are based on the same code; thus, the vulnerability impacts all three.
KYOCERA yesterday issued a security bulletin on the issue, urging users of its printing app to upgrade to version 22.214.171.124227, currently available through Google Play.
“KYOCERA Mobile Print’s application class allows transmission of data from malicious third-party mobile applications, which could lead to downloading malicious files,” reads the vendor’s bulletin.
“And, by using the KYOCERA Mobile Print web browser functionality, it is possible to access malicious sites and download and execute malicious files, which may lead to the acquisition of internal information on mobile devices.”
For such an attack to happen, the user also needs to install a second malicious app on their device which will trigger the download of the payload.
Although this requirement mitigates the severity of the flaw, it would be easy to distribute a malicious application that takes advantage of the problem, since it would not have to include risky code, request approval for risky permissions at installation, and so on.
Instead, it would simply check for the presence of these vulnerable apps and abuse them to install malware.
Android 14 to reduce the risk
The upcoming Android 14 release will manage intents more securely, mitigating the associated risks and making it more difficult to conceal the true nature of “under the hood” data exchanges.
Starting with Android 14, the exchange of intents between apps will be restricted, requiring the sender to define specific recipients, and requiring apps to declare what information they should receive from other apps and whether receivers should be limited to system broadcasts.
This security enhancement would protect privileged apps such as printing utilities from malicious intents sent by other apps running on the same device.
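What those Android 14 rules look like from the app developer's side, as an added example that is not code from the affected apps or from the vendor's fix: a receiver registered as not exported, a broadcast addressed to a named package, and a check on intent data for a component that stays exported. All names (PrintJobReceiver, ACTION_PRINT_DONE, ALLOWED_HOSTS, com.example.print, docs.example.com) are hypothetical, and the host allow-list is an assumed hardening policy.

```kotlin
import android.content.BroadcastReceiver
import android.content.Context
import android.content.Intent
import android.content.IntentFilter
import android.net.Uri
import androidx.core.content.ContextCompat

// Hypothetical action and allow-list, constructed for this example.
const val ACTION_PRINT_DONE = "com.example.print.action.PRINT_DONE"
val ALLOWED_HOSTS = setOf("docs.example.com")

class PrintJobReceiver : BroadcastReceiver() {
    override fun onReceive(context: Context, intent: Intent) {
        // Ignore anything that is not the one action this receiver handles.
        if (intent.action != ACTION_PRINT_DONE) return
        // ... update the print queue UI here ...
    }
}

// Receiver side: apps targeting Android 14 must say whether a
// context-registered receiver for non-system broadcasts is exported.
// NOT_EXPORTED means other apps on the device cannot deliver to it.
fun registerInternalReceiver(context: Context, receiver: BroadcastReceiver) {
    ContextCompat.registerReceiver(
        context,
        receiver,
        IntentFilter(ACTION_PRINT_DONE),
        ContextCompat.RECEIVER_NOT_EXPORTED
    )
}

// Sender side: name the recipient package instead of broadcasting an
// implicit intent that any app with a matching filter could receive.
fun notifyPrintDone(context: Context) {
    val intent = Intent(ACTION_PRINT_DONE).setPackage(context.packageName)
    context.sendBroadcast(intent)
}

// Exported entry point (for example a "print this URL" activity): the
// intent comes from another app, so its data is untrusted input.
// Returns the URI only if it is https and on the allow-list, else null.
fun safeUrlFromIntent(intent: Intent): Uri? {
    val uri = intent.data ?: return null
    if (uri.scheme != "https") return null
    val host = uri.host?.lowercase() ?: return null
    return if (host in ALLOWED_HOSTS) uri else null
}
```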