CVE-2025-8524 is a medium-severity vulnerability identified in version 2.15.2 of the Boquan DotWallet Android application. The root cause lies in the improper export of Android application components declared in the AndroidManifest.xml file, specifically within the component com.boquanhash.dotwallet. Improper export means that certain components intended for internal use are mistakenly made accessible to other applications or processes on the device. This misconfiguration can allow a local attacker—someone with physical or logical access to the device—to interact with these components in unintended ways, potentially leading to unauthorized access or manipulation of application functionality or data. The attack vector requires local access, meaning remote exploitation is not feasible without prior compromise. The vulnerability does not require user interaction or elevated privileges beyond limited local permissions, which lowers the barrier for exploitation. The vendor was notified but has not responded or provided a patch, and while the exploit details have been publicly disclosed, there are no known exploits actively used in the wild at this time. The CVSS 4.0 base score is 4.8, reflecting a medium severity level due to the limited attack vector (local), low complexity, and partial impact on confidentiality, integrity, and availability. The vulnerability affects a specific version of the DotWallet app, a cryptocurrency wallet application, which may store sensitive financial information and private keys, increasing the potential impact of exploitation.

For European organizations, especially those involved in financial services, cryptocurrency trading, or digital asset management, this vulnerability poses a risk of unauthorized local access to sensitive wallet components. If exploited, attackers could potentially manipulate wallet operations, access private keys, or interfere with transaction processes, leading to financial loss or data compromise. Organizations with employees or clients using the affected DotWallet app on Android devices could face increased insider threat risks or device theft scenarios where attackers leverage this vulnerability. The local attack requirement limits the threat to scenarios involving physical device access or prior compromise, but the sensitive nature of wallet applications amplifies the potential damage. Additionally, the lack of vendor response and patch availability prolongs exposure, increasing the window for potential exploitation. This vulnerability could also undermine trust in digital wallet solutions within European markets, impacting adoption and regulatory compliance efforts related to data protection and financial security.

European organizations should take proactive steps beyond generic patching advice. First, identify and inventory all Android devices running Boquan DotWallet version 2.15.2 within their environment. Immediately restrict physical access to these devices and enforce strict device usage policies. Where possible, migrate users to alternative, more secure wallet applications with active vendor support and regular security updates. Employ mobile device management (MDM) solutions to enforce application whitelisting and control app permissions, limiting the ability of other apps to interact with DotWallet components. Educate users about the risks of local exploitation and the importance of device security, including strong lock screens and encryption. Monitor for unusual local activity or privilege escalations on devices with the affected app. Since no patch is currently available, consider isolating or removing the vulnerable app from critical devices until a vendor fix is released. Finally, maintain communication with the vendor and monitor security advisories for updates or patches addressing this vulnerability.