Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 52.6%.
Google
RCE
Android
NVD
Exploit-DB
CVSS 2.0
9.3
EPSS
52.6%
Threat
4.9