CVE-2022-41926

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Nextcloud Talk Android versions prior to 14.1.0

Description The issue affects the Nextcloud Talk Android, which is the Android OS implementation of the Nextcloud Talk chat system. In affected versions, the receiver is not protected by broadcastPermission, allowing malicious apps to monitor communication.

Recommendations For versions prior to 14.1.0, upgrade to version 14.1.0 to resolve the issue. As a temporary workaround, consider restricting access to sensitive communication features until the upgrade is applied.

Exploit

Fix

Information Disclosure

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-732

Related Identifiers

CVE-2022-41926

GHSA-564V-3RFC-352M

Affected Products

Nextcloud Talk Android

CVE-2022-41926

Weakness Enumeration

Related Identifiers

Affected Products

References · 7