Back to search
CVE-2025-5344
Published: Jul 17, 2025
Modified: Jul 17, 2025
PUBLISHED
Description
Bluebird devices contain a pre-loaded kiosk application. This application exposes an unsecured service provider "com.bluebird.kiosk.launcher.IpartnerKioskRemoteService". A local attacker can bind to the AIDL-type service to modify device's global settings and wallpaper image. This issue affects all versions before 1.1.2.
| Vendor | Product | Versions |
|---|---|---|
Bluebird | com.bluebird.kiosk.launcher | affected 0 - < 1.1.2 |
Weaknesses (CWE)
References
https://cert.pl/en/posts/2025/07/CVE-2025-5344
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now