CVE-2025-10722 is a medium-severity vulnerability affecting the SKTLab Mukbee App version 1.01.196 on Android devices. The vulnerability arises from improper exportation of Android application components declared in the AndroidManifest.xml file, specifically within the component com.dw.android.mukbee. Improper export means that certain app components (such as activities, services, or broadcast receivers) are made accessible to other apps or processes without adequate access controls. This can allow a local attacker—someone with physical or logical access to the device—to interact with these components in unintended ways. The vulnerability does not require user interaction but does require the attacker to have at least limited privileges on the device (local access with low privileges). The CVSS 4.0 vector indicates low attack complexity and low privileges required, with no user interaction needed. The impact on confidentiality, integrity, and availability is low, but the vulnerability could be leveraged to escalate privileges, access sensitive data, or manipulate app behavior. The vendor was notified but has not responded or issued a patch, and a public exploit is available, increasing the risk of exploitation. However, there are no known exploits in the wild at this time. This vulnerability is specific to a single app version and does not affect the Android OS itself or other apps. The root cause is a misconfiguration in the AndroidManifest.xml that exposes internal components to other apps or processes without proper protection, which is a common security oversight in Android app development.

For European organizations, the impact depends largely on the usage of the SKTLab Mukbee App within their environment. If the app is used in corporate or sensitive contexts, this vulnerability could allow an attacker with local access to the device to exploit the exposed components to gain unauthorized access to app functions or data, potentially leading to data leakage or privilege escalation on the device. This could compromise confidentiality and integrity of information handled by the app. Since the attack requires local access, the threat is more relevant in scenarios where devices are shared, lost, or physically accessed by unauthorized personnel. In sectors with strict data protection regulations like GDPR, any data leakage or unauthorized access could lead to compliance issues and reputational damage. The lack of vendor response and patch availability increases risk for organizations relying on this app, as they cannot remediate the vulnerability through official updates. However, the medium severity and local attack vector limit the scope of impact primarily to environments where the app is actively used and devices are at risk of local compromise.

Organizations should first assess whether the SKTLab Mukbee App is deployed within their environment and identify affected devices running version 1.01.196. Since no patch is currently available, mitigation should focus on reducing local access risks: enforce strict device access controls such as strong authentication (PIN, biometrics), device encryption, and screen lock timeouts to prevent unauthorized physical or logical access. Employ mobile device management (MDM) solutions to monitor app installations and restrict installation of vulnerable app versions. If possible, remove or replace the Mukbee App with a secure alternative until a patched version is released. Educate users about the risks of installing untrusted apps and the importance of securing their devices. Additionally, monitor for any suspicious local activity that could indicate exploitation attempts. Developers or security teams with access to the app codebase should review the AndroidManifest.xml to ensure that exported components are explicitly protected with appropriate permissions or set to not be exported unless necessary. If feasible, implement runtime checks to restrict access to sensitive components. Finally, maintain communication with the vendor for updates or patches and consider reporting the lack of response to relevant security authorities or app marketplaces.