Multiple widely used Android applications, such as Xiaomi File Manager and WPS Office, have been identified as being susceptible to a file overwrite vulnerability. This flaw could potentially be exploited by a malicious app to overwrite files in the targeted app's home directory. Dimitrios Valsamaras from the Microsoft Threat Intelligence team highlighted that successful exploitation of this vulnerability could lead to arbitrary code execution and token theft, enabling an attacker to take control of the app and potentially access the victim's online accounts and personal data.


The issue lies in Android's content provider mechanism, meant for secure inter-app file sharing, which could be abused due to implementation oversights. By manipulating the filename in the file-sharing process, attackers could overwrite critical files, possibly leading to code execution or unauthorized data access. While Xiaomi and WPS Office have addressed the vulnerability following responsible disclosure, developers are advised to thoroughly examine their apps for similar issues. Google has also issued guidance urging app developers to handle filenames provided by server applications with caution, recommending the use of internally-generated unique identifiers or filename sanitization to mitigate such risks.
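The two mitigations named above, sketched for a receiving app. This is an added example, not code from Google, Microsoft or the affected apps; the class name `SharedFileReceiver`, its method names and the `incoming` cache subdirectory are assumptions made for illustration.

```java
import android.content.ContentResolver;
import android.content.Context;
import android.net.Uri;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.UUID;

/** Hypothetical helper for an app that receives a content URI from another app. */
public final class SharedFileReceiver {

    /** Option 1: ignore the sender's filename and store under an internally generated name. */
    public static File saveWithGeneratedName(Context ctx, Uri source) throws IOException {
        File inbox = new File(ctx.getCacheDir(), "incoming"); // assumed directory name
        if (!inbox.isDirectory() && !inbox.mkdirs()) throw new IOException("cannot create inbox");
        File target = new File(inbox, UUID.randomUUID().toString());
        copy(ctx.getContentResolver(), source, target);
        return target;
    }

    /** Option 2: keep the sender's filename, but only after sanitizing it. */
    public static File resolveSanitized(File baseDir, String untrustedName) throws IOException {
        if (untrustedName == null) throw new IOException("missing filename");
        // Keep only the last path component, so "../../shared_prefs/x.xml" becomes "x.xml".
        String leaf = new File(untrustedName.replace('\\', '/')).getName();
        if (leaf.isEmpty() || leaf.equals(".") || leaf.equals("..")) {
            throw new IOException("rejected filename");
        }
        File target = new File(baseDir, leaf);
        // Canonical paths resolve ".." and symlinks; the result must stay under baseDir.
        String base = baseDir.getCanonicalPath() + File.separator;
        if (!target.getCanonicalPath().startsWith(base)) throw new IOException("path escapes base");
        return target;
    }

    private static void copy(ContentResolver cr, Uri source, File target) throws IOException {
        try (InputStream in = cr.openInputStream(source)) {
            if (in == null) throw new IOException("provider returned no stream");
            try (OutputStream out = new FileOutputStream(target)) {
                byte[] buf = new byte[8192];
                for (int n; (n = in.read(buf)) != -1; ) out.write(buf, 0, n);
            }
        }
    }
}
```

With the first option the name supplied by the sending app never reaches the filesystem; the second still lets that app choose the name, so the directory passed as `baseDir` should contain nothing the receiving app later loads or trusts.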
https://thehackernews.com/2024/05/popular-android-apps-like-xiaomi-wps.html