Critical Security Flaws in Ulefone and Krüger&Matz Smartphones Put Users at Risk

Smartphone users around the world face new threats as major vulnerabilities have been discovered in devices from Ulefone and Krüger&Matz. These flaws reside in preinstalled applications, exposing users to unauthorized factory resets, theft of PIN codes, and the injection of harmful intents. With millions relying on these brands, the security risks highlighted by recent findings demand urgent attention.

At the heart of these issues are three vulnerabilities publicly documented on May 30, 2025. Each stems from software that comes preloaded on these phones and undermines the platform's basic protections. The most alarming is CVE-2024-13915, in a diagnostic app named "com.pri.factorytest". The app exposes an exported service that any installed application can start to perform a full factory reset without user confirmation. Because the service is exported with no permission guarding it, an attacker only needs to get a malicious app onto the device, with no special permissions granted, to wipe all personal data and settings.

Ulefone addressed this problem in operating system updates released after December 2024, and Krüger&Matz likely patched it in builds from March 2025, but the fixes are hard for users to confirm because the app's version number was not incremented. A user cannot tell from the app version alone whether their device is still vulnerable, so many may remain unaware of their exposure.

Additional flaws affect the "com.pri.applock" app on Krüger&Matz devices, which is designed to protect selected apps with a PIN code or biometrics. CVE-2024-13916 exposes a content provider that lets any app on the device query the user's PIN without holding any special permission, which defeats the app lock entirely. Worse, CVE-2024-13917 lets an app that knows the PIN inject an arbitrary intent (Android's inter-component message) into a protected application with system-level privileges, escalating the attack's impact. Together, these two vulnerabilities form a chain: the first supplies the PIN the second requires.

Independent security researcher Szymon Chadam uncovered these issues and responsibly disclosed them, illustrating the critical role of security research in protecting consumers.

The discovery of these vulnerabilities underlines the risks tied to vendor-installed apps on smartphones. Factory-installed software is often overlooked in security audits, yet these applications have deep system access and can introduce critical weaknesses. When manufacturers fail to secure these apps properly, they expose millions of users to potentially devastating attacks.

In the case of Ulefone and Krüger&Matz, the consequences range from complete data loss to unauthorized access to sensitive information like PIN codes, effectively nullifying security features users rely on daily. The lack of clear communication about patched versions further compounds the issue, as users remain uncertain about whether their devices are safe.

The vulnerabilities stem from fundamental security design errors: Android components (a service, a content provider, an activity) exported to every app on the device without a permission requirement. They reflect a broader challenge in the Android ecosystem of balancing the convenience of manufacturing diagnostics and user features against strict access control. Without that control, powerful diagnostic tools intended for factory use become open doors for any app a user happens to install.
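The design error described above can be caught before shipping by auditing the app manifest. The following script is an added example, not code from the original article or from either vendor: it parses an AndroidManifest.xml, applies Android's default-export rules, and reports every activity, service, receiver or provider that any installed app can reach without holding a permission. The two manifests are constructed for illustration; their package and component names (com.example.*) are placeholders, not the real com.pri.* components, and the "vulnerable" one reproduces only the pattern (an exported reset service, a provider with no read permission, an unlock activity exported by an intent-filter), not the vendors' actual code.

```python
"""Flag Android components that any installed app can reach unguarded.

Added example, not code from the article or from Ulefone / Krüger&Matz.
The two manifests below are constructed for illustration; their package and
component names are placeholders, not the real com.pri.* components.
"""
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"   # android: attribute namespace

VULNERABLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.vendorapps">
  <uses-sdk android:minSdkVersion="28" android:targetSdkVersion="30"/>
  <application>
    <activity android:name="com.example.Main" android:exported="true">
      <intent-filter><action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/></intent-filter>
    </activity>
    <!-- diagnostic service any app can start: the pattern behind the reset flaw -->
    <service android:name="com.example.factorytest.ResetService" android:exported="true"/>
    <!-- provider handing out a secret with no read permission -->
    <provider android:name="com.example.applock.PinProvider"
        android:authorities="com.example.applock.pin" android:exported="true"/>
    <!-- no android:exported, but an intent-filter makes it exported below API 31 -->
    <activity android:name="com.example.applock.UnlockActivity">
      <intent-filter><action android:name="com.example.applock.UNLOCK"/></intent-filter>
    </activity>
  </application>
</manifest>"""

HARDENED_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.vendorapps">
  <uses-sdk android:minSdkVersion="28" android:targetSdkVersion="30"/>
  <permission android:name="com.example.applock.UNLOCK_PERM"
      android:protectionLevel="signature"/>
  <application>
    <activity android:name="com.example.Main" android:exported="true">
      <intent-filter><action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/></intent-filter>
    </activity>
    <service android:name="com.example.factorytest.ResetService" android:exported="false"/>
    <provider android:name="com.example.applock.PinProvider"
        android:authorities="com.example.applock.pin" android:exported="false"/>
    <!-- still reachable, but only by apps signed with the same key -->
    <activity android:name="com.example.applock.UnlockActivity" android:exported="true"
        android:permission="com.example.applock.UNLOCK_PERM">
      <intent-filter><action android:name="com.example.applock.UNLOCK"/></intent-filter>
    </activity>
  </application>
</manifest>"""


def _is_exported(elem, target_sdk):
    """Apply Android's default-export rules when android:exported is absent."""
    explicit = elem.get(A + "exported")
    if explicit is not None:
        return explicit.lower() == "true"
    if elem.tag == "provider":          # providers default to exported on targetSdk <= 16
        return target_sdk <= 16
    return elem.find("intent-filter") is not None   # pre-API-31 default for the rest


def _is_guarded(elem):
    """True if a caller must hold a permission to touch the component."""
    names = ("permission", "readPermission", "writePermission") if elem.tag == "provider" else ("permission",)
    return any(elem.get(A + n) for n in names)


def _is_launcher(elem):
    """Launcher activities are expected to be reachable by the home screen."""
    return any(c.get(A + "name") == "android.intent.category.LAUNCHER" for c in elem.iter("category"))


def find_exposed_components(manifest_xml):
    """Return (tag, name) for every component any app can reach with no permission."""
    root = ET.fromstring(manifest_xml)
    sdk = root.find("uses-sdk")
    target_sdk = int(sdk.get(A + "targetSdkVersion", "1")) if sdk is not None else 1
    findings = []
    for elem in root.find("application"):
        if elem.tag not in ("activity", "service", "receiver", "provider") or _is_launcher(elem):
            continue
        if _is_exported(elem, target_sdk) and not _is_guarded(elem):
            findings.append((elem.tag, elem.get(A + "name")))
    return findings


if __name__ == "__main__":
    for label, xml in (("vulnerable", VULNERABLE_MANIFEST), ("hardened", HARDENED_MANIFEST)):
        print(f"{label}: {find_exposed_components(xml)}")
```

Run against a real app by decoding its APK first (for example with `apktool d app.apk`, which writes a readable AndroidManifest.xml) and passing that file's contents to find_exposed_components. The hardened manifest shows the two fixes that matter here: components that only the app itself needs are set to android:exported="false", and a component that must stay reachable is gated by a permission with android:protectionLevel="signature", so only apps signed with the vendor's key can send it an intent.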

What also stands out is how these flaws chain together. By combining PIN theft with intent injection, an attacker bypasses several layers of protection at once, which shows why security review has to consider how individually moderate vulnerabilities interact rather than rating each in isolation.

What Undercode Say:

This case highlights a recurring issue in the mobile security landscape: preinstalled apps from manufacturers can represent some of the weakest links. While third-party app stores and downloaded software are often scrutinized, manufacturer-installed apps, especially diagnostic or system utilities, receive less attention. This leaves a blind spot that attackers can exploit with serious consequences.

Manufacturers must prioritize secure software design and rigorous testing, especially for apps with system-level permissions. Properly restricting exported components and securing content providers are foundational practices that, if neglected, jeopardize user safety.

Another critical factor is transparency. Users should be informed clearly when vulnerabilities affect their devices and when patches are available. Silent updates without version increments undermine user trust and security awareness, potentially leaving many exposed longer than necessary.

The vulnerabilities also underscore the importance of independent security research. Researchers like Szymon Chadam play a vital role in uncovering hidden risks that vendors may miss or delay addressing. Industry-wide collaboration and faster response mechanisms are essential to minimizing the window of exposure.

From a user perspective, this report is a reminder to be cautious when installing any app, even on devices perceived as secure by virtue of their brand. It also raises questions about the level of control users have over their own devices when critical security flaws originate from trusted, preinstalled software.

Looking ahead, this example serves as a case study for improving Android security frameworks and vendor accountability. It is crucial to integrate security best practices at every development stage, particularly for apps that run with elevated privileges or access sensitive information.

Lastly, this situation reflects a growing trend: the complexity of modern smartphones increases the attack surface, requiring ongoing vigilance and proactive defense strategies by manufacturers, researchers, and users alike.

Fact Checker Results

The vulnerabilities were officially disclosed on May 30, 2025, affecting Ulefone and Krüger\&Matz smartphones.
CVE-2024-13915 allows unauthorized factory resets through a poorly secured diagnostic app.
PIN theft and privilege escalation flaws in the “com.pri.applock” app enable attackers to bypass app-level security.

Prediction

Given the severity of these vulnerabilities and the commonality of similar issues in preinstalled apps, we expect increased scrutiny on manufacturer software in the smartphone industry. Regulators may push for stricter certification standards and transparency requirements around vendor apps. Users will demand more control over preinstalled software, possibly accelerating the trend toward modular, user-removable system apps. Security researchers will continue to uncover chained vulnerabilities, leading manufacturers to adopt a more proactive security posture or risk reputational damage and user loss.

References:

Reported By: cyberpress.org
