{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-9675","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-08-29T10:25:30.375Z","datePublished":"2025-08-29T20:32:09.227Z","dateUpdated":"2025-09-03T15:54:38.911Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-08-29T20:32:09.227Z"},"title":"Voice Changer App com.tuyangkeji.changevoice AndroidManifest.xml improper export of android application components","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-926","lang":"en","description":"Improper Export of Android Application Components"}]}],"affected":[{"vendor":"n/a","product":"Voice Changer App","versions":[{"version":"1.0","status":"affected"},{"version":"1.1.0","status":"affected"}],"modules":["com.tuyangkeji.changevoice"]}],"descriptions":[{"lang":"en","value":"A vulnerability was determined in Voice Changer App up to 1.1.0. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.tuyangkeji.changevoice. Executing manipulation can lead to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized."},{"lang":"de","value":"In Voice Changer App bis 1.1.0 ist eine Schwachstelle entdeckt worden. Es geht hierbei um eine nicht näher spezifizierte Funktion der Datei AndroidManifest.xml der Komponente com.tuyangkeji.changevoice. Die Bearbeitung verursacht improper export of android application components. Der Angriff muss lokal passieren. Die Schwachstelle wurde öffentlich offengelegt und könnte ausgenutzt werden."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":4.8,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":5.3,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":5.3,"vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":4.3,"vectorString":"AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2025-08-29T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-08-29T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-08-29T12:30:36.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"fxizenta (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.321887","name":"VDB-321887 | Voice Changer App com.tuyangkeji.changevoice AndroidManifest.xml improper export of android application components","tags":["vdb-entry"]},{"url":"https://vuldb.com/?ctiid.321887","name":"VDB-321887 | CTI Indicators (IOB, IOC, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.638073","name":"Submit #638073 | Voice Changer & Voice Recorder & Sound Effects Voice Changer - Sound Effects(com.tuyangkeji.changevoice) 1.1.0 Task Hijacking","tags":["third-party-advisory"]},{"url":"https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md","tags":["related"]},{"url":"https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md#steps-to-reproduce","tags":["exploit"]}]},"adp":[{"references":[{"url":"https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md","tags":["exploit"]},{"url":"https://github.com/KMov-g/androidapps/blob/main/com.tuyangkeji.changevoice.md#steps-to-reproduce","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-09-02T14:56:19.504203Z","id":"CVE-2025-9675","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-09-03T15:54:38.911Z"}}]}}