CVE-2024-0245
NONE EPSS 8.1%
Published Mar 20, 20251y ago · Modified Jun 17, 20262w ago
Published Mar 20, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
Description
A misconfiguration in the AndroidManifest.xml file in hamza417/inure before build97 allows for task hijacking. This vulnerability permits malicious applications to inherit permissions of the vulnerable app, potentially leading to the exposure of sensitive information. An attacker can create a malicious app that hijacks the legitimate Inure app, intercepting and stealing sensitive information when installed on the victim's device. This issue affects all Android versions before Android 11.
Threat Intelligence
EPSS Exploit Probability
8.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-276
References 2
- github.com https://github.com/hamza417/inure/commit/a0c3e68b0542bcd7007c93618e0d50a5331de061
- huntr.com https://huntr.com/bounties/2108644e-9e54-4236-932d-f204fc68b607
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.