Vulnerability Details Affected Vendor: Mobile Dynamix Affected Product: PrinterShare Mobile Print Affected Version: up to 12.15.01 Platform: Android CWE Classification: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor, CWE-313: Cleartext Storage in a File or on Disk CVE ID: CVE-2025-5098 Vulnerability Description PrinterShare Android application allows the capture of Gmail authentication tokens that can be reused to access a user's Gmail account without proper authorization. Technical Description Performed on Android 13 aarch64 – Samsung Rooted (Galaxy Tab A7 Lite) Using Frida client on Ubuntu 24.04 LTS – Frida server on Samsung Rooted Device. Playstore location: https://play.google.com/store/apps/details?id=com.dynamixsoftware.printershare&hl=en-US The target Activity is exported true. Which means any application may interact with it, given that permissions are provided. The attacking host needs to attach the device email to the application – this can be done by simply opening the application and clicking 'Gmail'. Then choose the account to be used by the application. The vulnerability is initiated in the ActivityGmail.java activity. But is reintroduced in the ActivityGmailConversation.java. As such, the attacking host can capture the authentication token for Gmail and compromise the confidentiality of the inbox. Token Leakage in ActivityGmail.java:…Read More