Flaw found in MX Player by Tenable Research leaves millions exposed
This morning, Tenable Research published details of a vulnerability found in MX Player, an Indian video streaming and video-on-demand platform – that could potentially leave millions of consumers exposed.
By exploiting these flaws, an attacker could gain remote access to the user’s device and manipulate it. The attack scenario is possible when a user is waiting to receive a new file through the file transfer feature. In this scenario, a path traversal vulnerability could be exploited and, on certain devices, achieve code execution through specially crafted files. Additionally, because MX Player’s transfer service password is openly shared as a Bluetooth device name, an unauthenticated attacker within Bluetooth range could also exploit this flaw.
Tenable informed MX Player of the vulnerability, and as a result, MX Player has addressed these flaws in version v1.24.5.
MONSTER HUNTER WORLD: ICEBORNE FREE TITLE UPDATE 4 BRINGS ALATREON AND MORE TO THE NEW WORLD
