PT-2025-35310 · Kakao · Kakao Hey Kakao App
Fxizenta
·
Published
2025-08-29
·
Updated
2025-08-29
·
CVE-2025-9673
CVSS v3.1
5.3
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Kakao Hey Kakao App versions up to 2.17.4
Description
A vulnerability exists in the Kakao Hey Kakao App on Android, affecting an unknown functionality within the
AndroidManifest.xml file of the com.kakao.i.connect component. This issue results in improper export of Android application components and requires a local attack approach. The exploit is publicly available.Recommendations
Update Kakao Hey Kakao App to a version later than 2.17.4.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Kakao Hey Kakao App