PT-2026-25765 · Albert Sağlık Hizmetleri Ve Ticaret · Albert Health

Fxizenta

Published

2026-03-16

Updated

2026-03-16

CVE-2026-4250

CVSS v3.1

2.5

Low

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Albert Sağlık Hizmetleri ve Ticaret Albert Health versions up to 1.7.3

Description A security issue exists in Albert Sağlık Hizmetleri ve Ticaret Albert Health on Android. The issue involves the unprotected storage of credentials due to a manipulation of the Google Cloud Service Account Key Handler component, specifically within the resources/assets/service-account.json file. The attack requires local access and is considered difficult to exploit. The exploit has been publicly disclosed. The vendor was notified but did not respond.

Recommendations Versions prior to 1.7.3 should be updated.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-256CWE-255

Related Identifiers

CVE-2026-4250

Affected Products

Albert Health

PT-2026-25765 · Albert Sağlık Hizmetleri Ve Ticaret · Albert Health

CVE-2026-4250

Weakness Enumeration

Related Identifiers

Affected Products

References · 7