CVE-2025-5346
Bluebird devices expose an unsecured broadcast receiver (kr.co.bluebird.android.bbsettings.BootReceiver) in a pre-loaded barcode scanner app. A local attacker can call this receiver to overwrite a file containing the string ".json" with a default barcode config, due to lack of protection against ...