PT-2026-25765 · Albert Sağlık Hizmetleri Ve Ticaret · Albert Health

Fxizenta

+1

·

Publicado

2026-03-16

·

Atualizado

2026-03-16

·

CVE-2026-4250

CVSS v3.1

2.5

Baixa

VetorAV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Albert Sağlık Hizmetleri ve Ticaret Albert Health versions up to 1.7.3
Description A security issue exists in Albert Sağlık Hizmetleri ve Ticaret Albert Health on Android. The issue involves the unprotected storage of credentials due to a manipulation of the Google Cloud Service Account Key Handler component, specifically within the resources/assets/service-account.json file. The attack requires local access and is considered difficult to exploit. The exploit has been publicly disclosed. The vendor was notified but did not respond.
Recommendations Versions prior to 1.7.3 should be updated.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-256CWE-255

Identificadores relacionados

CVE-2026-4250

Produtos afetados

Albert Health