Ooma Office Business Phone App com.ooma.office2 improper export of android...

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component com.ooma.office2. The manipulation results in improper export of android application components. The attack needs to be approached locally. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-10718

Source VulDB

Published Sep 19, 2025 at 16:02

Affected Product

Vendor Ooma

Product Office Business Phone App

Version 7.2.0

Affected Versions Ooma Office Business Phone App 7.2.0
Ooma Office Business Phone App 7.2.1
Ooma Office Business Phone App 7.2.2

CWE Classification

CWE-926

References

{
    "lastseen": "",
    "description": "A vulnerability was found in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component com.ooma.office2. The manipulation results in improper export of android application components. The attack needs to be approached locally. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-09-19T16:02:06.783Z",
    "modified": "2025-09-19T16:02:06.783Z",
    "type": "cve",
    "title": "Ooma Office Business Phone App com.ooma.office2 improper export of android application components",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.325009\nhttps://vuldb.com/?ctiid.325009\nhttps://vuldb.com/?submit.645012\nhttps://github.com/KMov-g/androidapps/blob/main/com.ooma.office2.md",
    "id": "CVE-2025-10718",
    "bulletinFamily": "",
    "cwe": [
        "CWE-926"
    ],
    "cvelist": null,
    "sourceData": "Ooma Office Business Phone App 7.2.0\nOoma Office Business Phone App 7.2.1\nOoma Office Business Phone App 7.2.2",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Office Business Phone App",
    "version": "7.2.0",
    "vendor": "Ooma",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Ooma Office Business Phone App com.ooma.office2 improper export of android application components_CVE-2025-10718