CVE-2025-8523: Improper Export of Android Application Components in RiderLike Fruit Crush-Brain App
A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.fruitcrush.fun. The manipulation leads to improper export of Android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-8523 is a medium-severity vulnerability affecting version 1.0 of the RiderLike Fruit Crush-Brain App on Android. The root cause is an improper export of Android application components declared in the AndroidManifest.xml file, specifically related to the component identified as com.fruitcrush.fun. Improper export means that components such as activities, services, broadcast receivers, or content providers are made accessible to other apps or processes without adequate access controls. This can allow an attacker with local access to the device (local host) to interact with these components in unintended ways, potentially leading to unauthorized actions or data leakage.

The vulnerability does not require user interaction and can be exploited with low complexity, but it does require at least limited privileges (PR:L), indicating the attacker must have some level of access to the device, such as a non-root user or an installed app. The CVSS 4.0 vector indicates low confidentiality, integrity, and availability impacts individually, but combined they represent a medium overall severity (CVSS score 4.8). The vendor was contacted but did not respond, and no patch or mitigation has been published yet. No known exploits are reported in the wild, but the exploit details have been publicly disclosed, increasing the risk of exploitation.

Improperly exported components can be leveraged to escalate privileges, execute unauthorized code, or access sensitive data stored or processed by the app, depending on the component's functionality. Since the app is a game, the direct impact on critical systems may be limited, but it could serve as an entry point for further attacks or data exfiltration on compromised devices.
Potential Impact
For European organizations, the direct impact of this vulnerability depends on the prevalence of the RiderLike Fruit Crush-Brain App within their user base or employee devices. If widely used, this vulnerability could be exploited by malicious local apps or users to gain unauthorized access to app components, potentially leading to data leakage or unauthorized actions within the app environment. While the app itself may not handle sensitive corporate data, compromised devices could be leveraged as pivot points for broader attacks or to undermine device integrity. In environments with Bring Your Own Device (BYOD) policies, this vulnerability could increase the risk of lateral movement or data leakage if exploited. Additionally, if the app is used in any corporate or educational settings in Europe, the risk is elevated. The lack of vendor response and absence of patches increases exposure time. However, since exploitation requires local access and some privileges, remote exploitation risk is low, limiting the threat to scenarios where attackers already have some foothold on the device.
Mitigation Recommendations
1. Organizations should audit mobile devices for the presence of the RiderLike Fruit Crush-Brain App version 1.0 and consider uninstalling or restricting its use until a patch is available.
2. Employ Mobile Device Management (MDM) solutions to enforce application whitelisting and restrict installation of untrusted or vulnerable apps.
3. Educate users about the risks of installing apps from untrusted sources and the importance of device hygiene to prevent local privilege escalation.
4. Monitor devices for suspicious local activity or unauthorized inter-app communication that could indicate exploitation attempts.
5. Encourage the vendor or community to develop and distribute a patched version that properly restricts component exports in the AndroidManifest.xml.
6. For developers or security teams, review AndroidManifest.xml files for all in-house or third-party apps to ensure components are not unnecessarily exported, applying the principle of least privilege.
7. Implement runtime application self-protection (RASP) or endpoint detection and response (EDR) tools on mobile devices to detect anomalous behavior related to component misuse.
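The manifest review that recommendation 6 calls for can be automated. The script below is an added example, not code from this page or from the app's vendor: it parses a constructed sample AndroidManifest.xml (placeholder package com.example.game, not the affected app's manifest) and reports every component other apps can reach without an android:permission gate. It applies the pre-API-31 platform rule that a component with an intent-filter is exported unless android:exported says otherwise, and assumes targetSdkVersion >= 17 so that a provider without the attribute is private.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "activity-alias", "service", "receiver", "provider")
LAUNCHER = {"android.intent.action.MAIN", "android.intent.category.LAUNCHER"}

# Constructed sample manifest for illustration; not the affected app's real manifest.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.game">
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".DebugActivity">
      <intent-filter><action android:name="com.example.game.DEBUG"/></intent-filter>
    </activity>
    <activity android:name=".SettingsActivity"/>
    <service android:name=".SyncService" android:exported="true"/>
    <provider android:name=".ScoreProvider" android:authorities="com.example.game.scores"
              android:exported="true" android:permission="com.example.game.READ_SCORES"/>
  </application>
</manifest>"""

def _attr(elem, name):
    return elem.get(f"{{{ANDROID_NS}}}{name}")

def is_launcher(elem):
    # The MAIN/LAUNCHER activity has to be exported so the home screen can start it.
    return any(LAUNCHER <= {_attr(x, "name") for x in f} for f in elem.findall("intent-filter"))

def effective_exported(elem):
    # Explicit attribute wins; else an intent-filter means exported (pre-API-31 default), none means private.
    explicit = _attr(elem, "exported")
    if explicit is not None:
        return explicit.lower() == "true"
    return elem.find("intent-filter") is not None

def audit_manifest(xml_text):
    # (name, reason) for each component reachable by other apps with no protecting permission.
    findings = []
    for elem in ET.fromstring(xml_text).iter():
        if elem.tag not in COMPONENT_TAGS or not effective_exported(elem):
            continue
        if _attr(elem, "permission") or (elem.tag == "activity" and is_launcher(elem)):
            continue
        how = "explicit" if _attr(elem, "exported") else "implicit via intent-filter"
        findings.append((_attr(elem, "name"), f"{elem.tag} exported ({how}), no permission"))
    return findings
```

A packaged APK carries the manifest in binary form, so decode it to text (for example with apktool or aapt) before feeding it to audit_manifest. Components it reports should either be set to android:exported="false" or be protected with a signature-level permission.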
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-08-04T06:32:55.900Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68910e5dad5a09ad00e2ef1a
Added to database: 8/4/2025, 7:47:41 PM
Last enriched: 8/4/2025, 8:02:44 PM
Last updated: 8/4/2025, 8:30:34 PM
Related Threats
- CVE-2025-8527: Server-Side Request Forgery in Exrick xboot (Medium)
- CVE-2025-7844: CWE-121 in wolfSSL Inc. wolfTPM (Low)
- CVE-2025-4599: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Liferay Portal (Low)
- CVE-2025-8526: Unrestricted Upload in Exrick xboot (Medium)
- CVE-2025-50754: n/a (Critical)