Security News > 2023 > April > Kyocera Android app with 1M installs can be abused to drop malware

A Kyocera Android printing app is vulnerable to improper intent handling, allowing other malicious applications to abuse the flaw to download and potentially install malware on devices.

Although the apps list different publishers, they are based on the same code; thus, the vulnerability impacts all three.

KYOCERA published a security bulletin on the issue yesterday, urging users of its printing app to upgrade to version 3.2.0.230227, currently available via Google Play.

"KYOCERA Mobile Print's application class allows data transmission from malicious third-party mobile applications, which could result in malicious files being downloaded," reads the vendor's notice.

For such an attack to occur, the user must also install a second malicious application on their device that will trigger the payload download. Despite that requirement mitigating the severity of the flaw, it would be easy to distribute a malicious app that takes advantage of the issue, as it wouldn't have to include risky code, request the approval of risky permissions upon installation, etc.

Starting from Android 14, the exchange of intents between apps will be restricted, requiring the definition of specific recipients by the sender, the declaration of what information an app needs to receive from other apps, and whether or not receivers should be limited to system broadcasts.

News URL

https://www.bleepingcomputer.com/news/security/kyocera-android-app-with-1m-installs-can-be-abused-to-drop-malware/