CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7705

This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the UIApplication, openURL, SKStoreProductViewController, loadProductWithParameters and NSURLProtocol methods along with anti-debug and proxy detection protection. If those hooks are active MintegralAdSDK sends obfuscated data about every opened URL in an application to their servers. Note that the malicious functionality is enabled even if the SDK was not enabled to serve ads.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.4%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 5.8

References

Products affected by CVE-2020-7705

Mintegral » Mintegraladsdk » Version: 0.0.0

cpe:2.3:a:mintegral:mintegraladsdk:0.0.0
Mintegral » Mintegraladsdk » Version: 6.0.1

cpe:2.3:a:mintegral:mintegraladsdk:6.0.1
Mintegral » Mintegraladsdk » Version: 6.1.0

cpe:2.3:a:mintegral:mintegraladsdk:6.1.0
Mintegral » Mintegraladsdk » Version: 6.1.1

cpe:2.3:a:mintegral:mintegraladsdk:6.1.1
Mintegral » Mintegraladsdk » Version: 6.1.2

cpe:2.3:a:mintegral:mintegraladsdk:6.1.2
Mintegral » Mintegraladsdk » Version: 6.1.3

cpe:2.3:a:mintegral:mintegraladsdk:6.1.3
Mintegral » Mintegraladsdk » Version: 6.2.0

cpe:2.3:a:mintegral:mintegraladsdk:6.2.0
Mintegral » Mintegraladsdk » Version: 6.3.1.0

cpe:2.3:a:mintegral:mintegraladsdk:6.3.1.0
Mintegral » Mintegraladsdk » Version: 6.3.2.0

cpe:2.3:a:mintegral:mintegraladsdk:6.3.2.0
Mintegral » Mintegraladsdk » Version: 6.3.3.0

cpe:2.3:a:mintegral:mintegraladsdk:6.3.3.0
Mintegral » Mintegraladsdk » Version: 6.3.4.0

cpe:2.3:a:mintegral:mintegraladsdk:6.3.4.0
Mintegral » Mintegraladsdk » Version: 6.3.5.0

cpe:2.3:a:mintegral:mintegraladsdk:6.3.5.0
Mintegral » Mintegraladsdk » Version: 6.3.7.0

cpe:2.3:a:mintegral:mintegraladsdk:6.3.7.0
Mintegral » Mintegraladsdk » Version: 6.4.0.0

cpe:2.3:a:mintegral:mintegraladsdk:6.4.0.0
Mintegral » Mintegraladsdk » Version: 6.4.1.0

cpe:2.3:a:mintegral:mintegraladsdk:6.4.1.0
Mintegral » Mintegraladsdk » Version: 6.5.0.0

cpe:2.3:a:mintegral:mintegraladsdk:6.5.0.0
Mintegral » Mintegraladsdk » Version: 6.6.0.0

cpe:2.3:a:mintegral:mintegraladsdk:6.6.0.0
Mintegral » Mintegraladsdk » Version: 6.6.1.0

cpe:2.3:a:mintegral:mintegraladsdk:6.6.1.0
Mintegral » Mintegraladsdk » Version: 6.6.2.0

cpe:2.3:a:mintegral:mintegraladsdk:6.6.2.0
Mintegral » Mintegraladsdk » Version: 6.6.3.0

cpe:2.3:a:mintegral:mintegraladsdk:6.6.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7705

Products

Pricing

Contact Us