CVE-2025-8745: Improper Export of Android Application Components in Weee RICEPO App
A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of Android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-8745 is a medium-severity vulnerability identified in version 6.17.77 of the Weee RICEPO Android application. The root cause lies in improper exportation of Android application components due to incorrect processing of the AndroidManifest.xml file, specifically related to the component com.ricepo.app. In Android, components such as activities, services, broadcast receivers, and content providers can be exported to allow interaction with other apps or system components. Improper exportation means that components intended to be private or restricted are inadvertently made accessible to other apps or users, potentially allowing unauthorized access or manipulation. This vulnerability requires local access to the device, meaning an attacker must have the ability to execute code or interact with the device locally, such as through a malicious app installed on the device or physical access. The CVSS 4.0 vector indicates low attack complexity and low privileges required, with no user interaction needed, but the attack surface is limited to local access. The vulnerability impacts confidentiality, integrity, and availability to a limited extent, as the improperly exported components could be leveraged to access sensitive data or perform unauthorized actions within the app context. The vendor was notified but did not respond, and no patches or fixes have been published yet. Although the exploit has been publicly disclosed, there are no known exploits actively used in the wild at this time. This vulnerability highlights the importance of correctly configuring component export settings in AndroidManifest.xml to prevent unauthorized access to app internals.
Potential Impact
For European organizations, the impact of CVE-2025-8745 depends on the usage of the Weee RICEPO app within their environment. Given that the vulnerability requires local access and affects a specific app version, the risk is primarily to individual users rather than enterprise-wide systems. However, if the app is used in corporate environments or on devices handling sensitive information, attackers could exploit the improperly exported components to gain unauthorized access to app data or functionality, potentially leading to data leakage or manipulation. This could undermine confidentiality and integrity of information processed by the app. Additionally, if the app is used in sectors with strict data protection requirements (e.g., finance, healthcare), exploitation could result in compliance violations under regulations such as GDPR. The lack of vendor response and absence of patches increases the risk window. Organizations relying on mobile device management (MDM) or app vetting processes should be aware of this vulnerability to prevent deployment of the affected app version or to restrict local access to devices. Overall, the threat is moderate but should be addressed proactively to avoid escalation or combined attacks leveraging this vulnerability.
Mitigation Recommendations
1. Immediate mitigation involves auditing all devices to identify installations of Weee RICEPO App version 6.17.77 and preventing its use until a patch is available.
2. Employ mobile device management (MDM) solutions to restrict installation of unapproved or vulnerable app versions and enforce app update policies.
3. Limit local access to devices by enforcing strong device authentication, disabling installation from unknown sources, and restricting physical access.
4. Monitor devices for suspicious local activity or unauthorized app interactions that could indicate exploitation attempts.
5. Developers and security teams should review the AndroidManifest.xml configurations for all in-house or third-party apps to ensure components are not unnecessarily exported.
6. Engage with the vendor or community to encourage release of a patch or update that properly restricts component export settings.
7. Educate users about the risks of installing untrusted apps and the importance of keeping apps updated.
8. Consider deploying runtime application self-protection (RASP) or endpoint detection and response (EDR) tools capable of detecting anomalous app behavior on mobile devices.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-08-08T08:58:52.773Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 6896d9fbad5a09ad00091c1d
Added to database: 8/9/2025, 5:17:47 AM
Last enriched: 8/9/2025, 5:32:51 AM
Last updated: 8/10/2025, 12:33:53 AM