The Kyocera Android print app is vulnerable to unauthorized manipulation, providing malicious applications the opportunity to download and potentially install malware on vulnerable people Appliances.
The security flaw has been tracked as CVE-2023-25954. Specifically, the app is at risk of improper intent handling, which could enable malicious applications to exploit the flaw.
The vulnerability allow it to download harmful malware onto devices, posing a significant threat to users.
Here below, we have mentioned the products that are affected:-
- Android app “KYOCERA Mobile Print”, v126.96.36.199119, and earlier, it has 1 million downloads on Google Play.
- Android app “UTAX/TA MobilePrint”, v188.8.131.52119, and earlier, it has 100k downloads on Google Play.
- Android app “Olivetti Mobile Print”, v184.108.40.206119, and earlier, it has 10k downloads on Google Play.
“The KYOCERA Mobile Print app allows data transmission from malicious third-party mobile apps Appliances, which could lead to downloading malicious files“, the supplier’s announcement states.
Instead, it would simply look for the existence of these vulnerable apps and exploit them to install malware.
However, Android 14 isexpected to have enhanced security for intent handling. As a result, it will reduce the associated risks and make it more difficult to hide the true nature of data exchanges.