PT-2026-30194 · Unknown · Investory Toy Planet Trouble App
Fxizenta
·
Published
2026-04-03
·
Updated
2026-04-03
·
CVE-2026-5471
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Investory Toy Planet Trouble App versions up to 1.5.5
Description
A security issue exists in Investory Toy Planet Trouble App on Android. The issue involves the manipulation of the
current key argument, leading to the use of a hard-coded cryptographic key within the file assets/google-services-desktop.json of the component app.investory.toyfactory. The attack requires local access. The exploit is publicly available.Recommendations
Update Investory Toy Planet Trouble App to a version newer than 1.5.5.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Investory Toy Planet Trouble App