{"id":8441,"date":"2025-07-20T08:34:35","date_gmt":"2025-07-20T08:34:35","guid":{"rendered":"http:\/\/localhost\/?p=8441"},"modified":"2025-07-20T08:34:35","modified_gmt":"2025-07-20T08:34:35","slug":"idnow-app-deidnow-androidmanifestxml-improper-export-of-android-application-components","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=8441","title":{"rendered":"IDnow App de.idnow AndroidManifest.xml improper export of android application components"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nIDnow App de.idnow AndroidManifest.xml improper export of android application components<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-20T13:14:05.309Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-20T13:14:05.309Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nn\/a<\/td>\n<\/tr>\n
Product<\/th>\nIDnow App<\/td>\n<\/tr>\n
Version<\/th>\n9.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n4.8 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:L\/AC:L\/AT:N\/PR:L\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA vulnerability in the IDnow App (versions up to 9.6.0) on Android allows improper export of application components via the AndroidManifest.xml file. This issue requires local access to exploit and has been publicly disclosed. The vendor did not respond to the disclosure.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
AI Vendor<\/th>\nIDnow GmbH<\/td>\n<\/tr>\n
AI Product<\/th>\nIDnow App<\/td>\n<\/tr>\n
AI Version<\/th>\n9.0, 9.1, 9.2, 9.3, 9.4, 9.5, 9.6.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n