CVE-2023-25954

KYOCERA Mobile Print' v3.2.0.230119 and earlier, 'UTAX/TA MobilePrint' v3.2.0.230119 and earlier, and 'Olivetti Mobile Print' v3.2.0.230119 and earlier are vulnerable to improper intent handling. When a malicious app is installed on the victim user's Android device, the app may send an intent and direct the affected app to download malicious files or apps to the device without notification.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
jpcertCNA
---
---
CVEADP
---
---
CISA-ADPADP
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Common Weakness Enumeration
References
https://jvn.jp/en/vu/JVNVU98434809/
https://play.google.com/store/apps/details?id=com.kyocera.kyoprint
https://play.google.com/store/apps/details?id=com.kyocera.kyoprintolivetti
https://play.google.com/store/apps/details?id=com.kyocera.kyoprinttautax
https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2023-04-11.html
https://jvn.jp/en/vu/JVNVU98434809/
https://play.google.com/store/apps/details?id=com.kyocera.kyoprint
https://play.google.com/store/apps/details?id=com.kyocera.kyoprintolivetti
https://play.google.com/store/apps/details?id=com.kyocera.kyoprinttautax
https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2023-04-11.html