5.5
CVE-2026-44279
- EPSS 0.1%
- Veröffentlicht 12.05.2026 16:54:09
- Zuletzt bearbeitet 26.06.2026 09:16:34
- Quelle psirt@fortinet.com
- CVE-Watchlists
- Unerledigt
An improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to disclose information via an exported Content Provider URI.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fortinet ≫ Fortitoken Mobile Version5.2.0 SwPlatformandroid
Fortinet ≫ Fortitoken Mobile Version5.2.1 SwPlatformandroid
Fortinet ≫ Fortitoken Mobile Version5.2.2 SwPlatformandroid
Fortinet ≫ Fortitoken Mobile Version6.1.0 SwPlatformandroid
Fortinet ≫ Fortitoken Mobile Version6.2.0 SwPlatformandroid
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.009 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| psirt@fortinet.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-926 Improper Export of Android Application Components
The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://fortiguard.fortinet.com/psirt/FG-IR-26-130