Vulnerability in Opera Mini for Android Allows Bypassing of .apk File Restrictions via RTLO Approach

Vulnerability in Opera Mini for Android Allows Bypassing of .apk File Restrictions via RTLO Approach

CVE-2019-18624 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Opera Mini for Android allows attackers to bypass intended restrictions on .apk file download/installation via an RTLO (aka Right to Left Override) approach, as demonstrated by misinterpretation of malicious%E2%80%AEtxt.apk as maliciouskpa.txt. This affects 44.1.2254.142553, 44.1.2254.142659, and 44.1.2254.143214.

Learn more about our Cis Benchmark Audit For Google Android.