Significant vulnerabilities were uncovered in pre-installed applications on Ulefone and Krüger&Matz Android smartphones that expose users to significant risks, including unauthorized factory resets, PIN code theft, and malicious command injection. These flaws, published on May 30, 2025, demonstrate how Improper Export of Android Application Components (CWE-926) can compromise device security at the system level. Factory […]
The post Vulnerabilities in Preinstalled Android Apps Expose PIN Codes and Allow Command Injection appeared first on Cyber Security News.
This article has been indexed from Cyber Security News