CVE-2020-7744

Information Exposure

Description

This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google Docs links. 2. All apk downloads, either organic or not. Mintegral listens to download events in Android's download manager and detects if the downloaded file's url contains: a. google.com or comes from a Google app (the com.android.vending package) b. Ends with .apk for apk downloads In both cases, the module sends the captured data back to Mintegral's servers. Note that the malicious functionality keeps running even if the app is currently not in focus (running in the background).

References

Link	Tags
https://snyk.io/research/sour-mint-malicious-sdk/	third party advisory technical description
https://snyk.io/vuln/SNYK-JAVA-COMMINTEGRALMSDK-1018714	third party advisory
https://snyk.io/blog/remote-code-execution-rce-sourmint/	third party advisory technical description

Frequently Asked Questions

What is the severity of CVE-2020-7744?: CVE-2020-7744 has been scored as a medium severity vulnerability.
How to fix CVE-2020-7744?: To fix CVE-2020-7744, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2020-7744 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2020-7744 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2020-7744?: CVE-2020-7744 affects n/a com.mintegral.msdk:alphab.

Description

Category

CWE-319 – Cleartext Transmission of Sensitive Information

References

Frequently Asked Questions