Cisco Teams, Grindr, OkCupid, and many other apps from the formal Google Play shop keep on being at risk of the known vulnerability called CVE-2020-8913.
Key Features
Popular applications such as for example Grindr, OkCupid, Cisco Teams and more about the state Google Play shop carry on being susceptible to the known vulnerability CVE-2020-8913, and concluding that vast sums of Android users are nevertheless at an important threat to security, protection scientists at Check aim Research unveiled on Tuesday.
Initially reported in belated August by scientists at Oversecured, the vulnerability allows a threat actor to inject harmful rule into susceptible applications, giving use of the same resources for the hosting application. This kind of harmful software can siphon off sensitive and painful information off their apps in the exact same device.
The researchers arbitrarily selected an amount of high-profile apps to ensure the presence of vulnerability CVE-2020-8913 plus the bug ended up being verified in popular apps, including Grindr, Bumble, OKCupid, Cisco Teams, Yango professional, Edge, Xrecorder, PowerDirector and others.
“We’re calculating that vast sums of Android os users have reached a risk of security. Although Bing applied an area, many apps continue to be utilizing Play that is outdated Core. The vulnerability CVE-2020-8913 is very dangerous. In case a application that is malicious this vulnerability my hyperlink, it may gain rule execution inside popular applications, getting the exact exact same access due to the fact vulnerable application,” Aviran Hazum, Manager of Cellphone Research, Check aim, stated in a declaration.
“for instance, the vulnerability could allow a threat star to take authentication that is two-factor or inject code into banking applications to seize credentials. [Read more…]