CVE-2024-23453

Published: Jan 23, 2024

Modified: Jun 4, 2025

PUBLISHED

Description

Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service.

Vendor	Product	Versions
Spoon Radio Japan Inc.	Android Spoon application	affected `version 7.11.1 to 8.6.0`

References

https://play.google.com/store/apps/details?id=co.spoonme&hl=en_US

https://spoon-support.spooncast.net/jp/update

https://jvn.jp/en/jp/JVN96154238/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-23453

Description

Affected Products

References