cvedb.io
CVE-2025-5344
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2025-07-17T13:15:23.037 · Last modified 2026-06-17T09:47:43.757

Summary

Bluebird devices contain a pre-loaded kiosk application. This application exposes an unsecured service provider "com.bluebird.kiosk.launcher.IpartnerKioskRemoteService". A local attacker can bind to the AIDL-type service to modify device's global settings and wallpaper image. This issue affects all versions before 1.1.2.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.