CVE-2024-0245

NONE EPSS 8.1%
Published Mar 20, 20251y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 20, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

A misconfiguration in the AndroidManifest.xml file in hamza417/inure before build97 allows for task hijacking. This vulnerability permits malicious applications to inherit permissions of the vulnerable app, potentially leading to the exposure of sensitive information. An attacker can create a malicious app that hijacks the legitimate Inure app, intercepting and stealing sensitive information when installed on the victim's device. This issue affects all Android versions before Android 11.

Threat Intelligence

EPSS Exploit Probability
8.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-276

References 2

  • github.com https://github.com/hamza417/inure/commit/a0c3e68b0542bcd7007c93618e0d50a5331de061
  • huntr.com https://huntr.com/bounties/2108644e-9e54-4236-932d-f204fc68b607

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.