usd AGMay 9, 2025

We have found an interesting vulnerability in a #Matrix #Android client:

🧩 Software: #Element X Android
📦 Affected Version: <= 25.04.1
🆔 CVE: CVE-2025-27599
📊 CVSSv3.1: MEDIUM
⚠️ Prerequisites: Clicking on a crafted hyperlink or using a malicious app

Since Element X Android usually has the permission to access camera and microphone, this can be used to record audio and video from the victim. Pretty bad! 😨

🔗 Read more: https://herolab.usd.de/security-advisories/usd-2025-0010/

#InfoSec #CyberSecurity #Pentesting #Hacking #CVE_2025_27599 #SpyWare #Phishing

usd-2025-0010 - Element X Android - usd HeroLab

Advisory ID: usd-2025-0010 | Product: Element X Android | Vulnerability Type: Improper Export of Android Application Components (CWE-926)

usd HeroLab
RedPacket SecurityApr 19, 2025

CVE Alert: CVE-2025-27599 - https://www.redpacketsecurity.com/cve_alert_cve-2025-27599/

#OSINT #ThreatIntel #CyberSecurity #cve_2025_27599

CVE Alert: CVE-2025-27599 - RedPacket Security

Element X Android is a Matrix Android Client provided by element.io. Prior to version 25.04.2, a crafted hyperlink on a webpage, or a locally installed

RedPacket Security