CVE-2025-57452

Name of the Vulnerable Software and Affected Versions realme BackupRestore app version 15.1.12 2810c08 250314

Description The application suffers from improper URI scheme handling within the com.coloros.pc.PcToolMainActivity component. This allows local attackers to cause a crash and potential cross-site scripting (XSS) through crafted Android Debug Bridge (ADB) intents.

Recommendations Update to a newer version of the application that addresses this issue. As a temporary workaround, restrict the use of ADB intents with the application.