CVE-2025-10195 is a medium-severity vulnerability affecting version 2.4.2 of the Seismic App on Android. The issue arises from improper export of Android application components declared in the AndroidManifest.xml file, specifically related to the component com.seismic.doccenter. In Android, components such as activities, services, broadcast receivers, and content providers can be exported to allow interaction with other apps or system components. Improper export means that components intended to be private or restricted are accessible to other apps or users, potentially allowing unauthorized access or manipulation. This vulnerability requires local access to the device, meaning an attacker must have physical or local access to the Android device where the vulnerable app is installed. No user interaction or authentication is required once local access is obtained, and the attack complexity is low. The vulnerability impacts confidentiality, integrity, and availability at a limited scope, as the attacker can potentially access or manipulate sensitive app components or data. The vendor has not responded to the disclosure, and no patches or mitigations have been published yet. Although no known exploits are currently in the wild, the public disclosure increases the risk of exploitation. The CVSS 4.0 vector indicates a low attack vector (local), low attack complexity, no privileges required, no user interaction, and low impact on confidentiality, integrity, and availability, resulting in an overall medium severity score of 4.8. This vulnerability highlights the importance of correctly configuring component export settings in Android apps to prevent unauthorized access to internal app functionality or data.

For European organizations using the Seismic App version 2.4.2 on Android devices, this vulnerability could lead to unauthorized local access to sensitive business information managed or displayed by the app. Since the app is likely used for sales enablement and document management, improper export of components could allow attackers with local device access to extract confidential documents, manipulate app behavior, or disrupt normal operations. This could result in data leakage, loss of integrity of sales or customer data, and potential operational disruption. The requirement for local access limits the attack surface to insiders, lost or stolen devices, or attackers with physical access, but the lack of authentication and user interaction requirements increases the risk once local access is obtained. European organizations with mobile workforces or BYOD policies are particularly at risk if devices are not properly secured. The absence of vendor response and patches increases exposure time, making timely mitigation critical to reduce risk.

1. Immediately audit all Android devices within the organization to identify installations of Seismic App version 2.4.2 and restrict their use until a patch or update is available. 2. Enforce strict device security policies, including strong device authentication, encryption, and remote wipe capabilities to mitigate risks from lost or stolen devices. 3. Limit physical access to devices, especially those used by employees handling sensitive data. 4. Monitor for unusual local activity on devices that could indicate exploitation attempts. 5. Engage with the vendor or seek alternative secure versions or apps that do not expose components improperly. 6. For developers or internal app teams, review AndroidManifest.xml configurations to ensure components are only exported when necessary and protected with appropriate permissions. 7. Educate users about the risks of local device compromise and encourage prompt reporting of lost or stolen devices. 8. Consider implementing Mobile Application Management (MAM) solutions to control app behavior and permissions on managed devices. These steps go beyond generic advice by focusing on device-level controls, app inventory, and configuration reviews specific to this vulnerability.