Improper Export Vulnerability in NCSOFT Universe App
CVE-2025-9676

4.8MEDIUM

Key Information:

Vendor: Ncsoft
Status: Universe App
Vendor: CVE Published:; 29 August 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-9676?

A vulnerability has been detected in the NCSOFT Universe App, specifically in the AndroidManifest.xml file associated with the component com.ncsoft.universeapp. This flaw allows for the improper export of Android application components, which necessitates local access to exploit. Given that the exploit code is publicly available, this poses a significant risk to users. Despite early notification to the vendor, no response has been received regarding this security issue. It is crucial for users to understand the implications of this vulnerability and to take protective measures to secure their applications.

Affected Version(s)

Universe App 1.0

Universe App 1.1

Universe App 1.2

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-9676 - Proof of Concept

References

https://vuldb.com/?id.321888

vdb-entry

https://vuldb.com/?ctiid.321888

signaturepermissions-required

https://vuldb.com/?submit.638074

third-party-advisory

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Aug 29, 2025
👾
Exploit known to exist
Aug 29, 2025
Vulnerability published
Aug 29, 2025
Vulnerability Reserved
Aug 29, 2025

Credit

fxizenta (VulDB User)

Ncsoft