Moderate Risk

Threat level

com.android.settings

Settings

Analyzed on 2021-12-09T02:33:22.283399

102

permissions

337

activities

20

services

31

receivers

19

domains

File sums

MD5 9c60c4a145d20c8115f1082598966e24
SHA1 dec744cff3f5e1cf62647ce4d580492962a0a0f5
SHA256 42fc66160dab9b1109efeb6f9b2b2548b68dc7f1c5129f2925104463617408c9
Size 61.19MB

APKiD

Information computed with APKiD.

/tmp/tmp2sqynkj4!classes.dex
anti_vm
  • Build.FINGERPRINT check
  • Build.MANUFACTURER check
  • ro.build.type check
compiler
  • r8
/tmp/tmp2sqynkj4!classes2.dex
anti_vm
  • Build.FINGERPRINT check
  • Build.MANUFACTURER check
  • subscriber ID check
  • ro.product.device check
compiler
  • r8 without marker (suspicious)
/tmp/tmp2sqynkj4!classes3.dex
compiler
  • r8 without marker (suspicious)

SSdeep

Information computed with ssdeep.

APK file 393216:XfB2bBZmCgudFkSW7CZHhKITCdXlWTXXQB+JbNnuh4M275xOrSJuOE4RSVVxeNJR:clXgC6BiYsCleXXQMhHF/OrSIcSFeExa
Manifest 3072:l+bKSJIN6LuscOiMkQ0FnHKpKRVJ3ZkwswXpQvZ90j:l+b2NnhMkQ0FnHDJ3Zkws…
classes.dex 98304:ciqouBcjtIzjybrtZmc20K62c/gJAlIP1SSe32K+0YYzMNyH5Ki2YMH:cf5f2bB…
classes2.dex 98304:U+isSPbaxZ7H32NJ19BB1+yHhKfSA+Ye38agmqwXCU0GuLPMYp8:prSPbaxZ7WH…
classes3.dex 24576:IlqAeVzJdcsblxI2FHu9Z2AyrCvuVOdGBf2905R0e9ksNDG0JmA5XCPF3l7FGCR…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 12288:XiVEIlUln7DbY1oq547bStb6P31/VLN/428F4qy1gPs3:6EIlkn7B0NSZgMq8n3
classes.dex 6144:XaHJLjt/uiSIlcmljCl2yTln7DbY1o83Wx0eq5YDoUnLT3+EbStb6Pj:XiVEIlUl…
classes2.dex 6144:SY1rhFVLNQqN+m428FdSqueqtZDk8tgPjgyMMYQHt63:j1/VLN/428F4qy1gPsj
classes3.dex 768:gRkuQeKWhnFz2nn1nnVnnYui+b/IqfQLGiltiOg:qRnFz2nn1nnVnnYo/IqfTiVg

APK details

Information computed with AndroGuard and Pithus.

Package com.android.settings
App name Settings
Version name v5.2111.01.0005.4
Version code 202108987
SDK 26 - 31
UAID 3dc886412c0ae59af40c7ea8aa7326c43f423e46
Signature Signature V1 Signature V2 Signature V3
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0xf05368c0: Unknown
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 52904c3400fc77fc832dbae3a3a8b736
SHA1 fe036d85bba39ab111d6075ebcdde571b9665b5d
SHA256 1210eaca7cc0c6e186984ba314c3e8e0be1412dd817a4e2a45191aa5538d2d31
Issuer Email Address: android@tcl.com, Common Name: TCL jettaatt_61 platform, Organizational Unit: www.tcl.com, Organization: TCT, Locality: Zhongkai-Hi-Tech-Zone, State/Province: Huizhou, Country: CN
Not before 2021-09-24T02:57:57+00:00
Not after 2049-02-09T02:57:57+00:00

Manifest analysis

Information computed with MobSF.

High Clear text traffic is Enabled For App[android:usesCleartextTraffic=true]
The app intends to use cleartext network traffic, such as cleartext HTTP, FTP stacks, DownloadManager, and MediaPlayer. The default value for apps that target API level 27 or lower is "true". Apps that target API level 28 or higher default to "false". The key reason for avoiding cleartext traffic is the lack of confidentiality, authenticity, and protections against tampering; a network attacker can eavesdrop on transmitted data and also modify it without being detected.
Low App is direct-boot aware [android:directBootAware=true]
This app can run before the user unlocks the device. If you're using a custom subclass of Application, and if any component inside your application is direct - boot aware, then your entire custom application is considered to be direct - boot aware.During Direct Boot, your application can only access the data that is stored in device protected storage.
Medium Application Data can be Backed up[android:allowBackup=true]
This flag allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High TaskAffinity is set for Activity
(com.android.settings.homepage.SettingsHomepageActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.homepage.SettingsHomepageActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.Settings)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity-Alias (com.android.settings.Settings) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.SettingsInitialize) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$CreateShortcutActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$MobileNetworkListActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ConnectedDeviceDashboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.Settings$BluetoothSettingsActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.AirplaneModeVoiceActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.search.SearchResultTrampoline) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$WifiSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$NetworkProviderSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.wifi.WifiPickerActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ConfigureWifiSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$SavedAccessPointsSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$WifiInfoActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.wifi.WifiConfigInfo) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$WifiAPITestActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.wifi.WifiStatusTest) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.wifi.WifiNoInternetDialog) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.NETWORK_STACK [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.Settings$ApnSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.TctSettings$BluetoothPairingDetailActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.bluetooth.BluetoothSettings) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AssistGestureSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$FaceSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$FingerprintSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.TctSettings$FingerprintSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.bluetooth.DevicePickerActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.android.settings.wifi.tether.TetherService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.TETHER_PRIVILEGED [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.network.TetherProvisioningActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.TETHER_PRIVILEGED [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.Settings$TetherSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.TetherSettings) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$WifiTetherSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.WifiTetherSettings) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$WifiP2pSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$VpnSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$DataSaverSummaryActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$DateTimeSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$LocalePickerActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$LanguageAndInputSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.LanguageSettings) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AvailableVirtualKeyboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ManageAssistActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$KeyboardLayoutPickerActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PhysicalKeyboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$SpellCheckersSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.inputmethod.InputMethodAndSubtypeEnablerActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$UserDictionarySettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.inputmethod.UserDictionaryAddWordActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ZenModeSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.notification.zen.ZenSuggestionActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.notification.zen.ZenOnboardingActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ZenModeAutomationSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$WallpaperSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.wallpaper.WallpaperSuggestionActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.wallpaper.StyleSuggestionActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ZenModeScheduleRuleSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ZenModeEventRuleSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$DisplaySettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$SmartAutoRotateSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$NightDisplaySettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.TctSettings$ReadingModeSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.TctSettings$DarkModeSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$DarkThemeSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$NightDisplaySuggestionActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$MyDeviceInfoActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.SettingsLicenseActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ModuleLicensesActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ManageApplicationsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.applications.StorageUse) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.RunningServices) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.applications.ManageApplications) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ManageDomainUrlsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppMemoryUsageActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$HighPowerApplicationsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.datausage.AppDataUsageActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.fuelgauge.RequestIgnoreBatteryOptimizations) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.slices.SliceDeepLinkSpringBoard) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MODIFY_PHONE_STATE [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.applications.InstalledAppDetailsTop) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.applications.InstalledAppDetails) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.applications.InstalledAppOpenByDefaultActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$RunningServicesActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$StorageUseActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$NotificationStationActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.notification.history.NotificationHistoryActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.notification.zen.ZenModeVoiceActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$LocationSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ScanningSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$SecurityDashboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.MonitoringCertInfoActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$TrustedCredentialsSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PrivacySettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PrivacyDashboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.security.CredentialStorage) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.security.RequestManageCredentials) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$DeviceAdminSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.DeviceAdminSettings) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.applications.specialaccess.deviceadmin.DeviceAdminAdd) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.applications.specialaccess.deviceadmin.ProfileOwnerAdd) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$UsageAccessSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppUsageAccessSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$IccLockSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AccessibilitySettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AccessibilityDetailsSettingsActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.OPEN_ACCESSIBILITY_DETAILS_SETTINGS [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.accessibility.AccessibilitySettingsForSetupWizardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.FontSizeSettingsForSetupWizardActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AccessibilityDaltonizerSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ReduceBrightColorsSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$CaptioningSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$TextToSpeechSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$EnterprisePrivacySettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.password.ConfirmDeviceCredentialActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.password.ConfirmDeviceCredentialActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.ConfirmDeviceCredentialActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.password.ConfirmDeviceCredentialActivity$InternalActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.SetupRedactionInterstitial) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.notification.RedactionSettingsStandalone) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.biometrics.BiometricEnrollActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tct.settings.biometrics.common.FingerprintEnrollActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.biometrics.fingerprint.FingerprintEnrollIntroduction) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.biometrics.fingerprint.SetupFingerprintEnrollIntroduction) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MANAGE_FINGERPRINT [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.tct.settings.biometrics.fingerprint.FingerprintEnrollIntroductionCap) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tct.settings.biometrics.fingerprint.SetupFingerprintEnrollIntroductionCap) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MANAGE_FINGERPRINT [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.biometrics.fingerprint.FingerprintSuggestionActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MANAGE_FINGERPRINT [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.tct.settings.biometrics.fingerprint.FingerprintSuggestionActivityCap) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MANAGE_FINGERPRINT [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity-Alias (com.android.settings.SetupFingerprintSuggestionActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.password.SetupChooseLockGeneric) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.password.SetNewPasswordActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.password.ScreenLockSuggestionActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.biometrics.fingerprint.FingerprintEnrollSuggestionActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tct.settings.biometrics.fingerprint.FingerprintEnrollSuggestionActivityCap) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$StorageDashboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PublicVolumeSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PrivateVolumeForgetActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MOUNT_UNMOUNT_FILESYSTEMS [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.deviceinfo.StorageWizardInit) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MOUNT_UNMOUNT_FILESYSTEMS [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.deviceinfo.StorageWizardMigrateProgress) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MOUNT_UNMOUNT_FILESYSTEMS [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.deviceinfo.StorageWizardReady) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MOUNT_UNMOUNT_FILESYSTEMS [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.deviceinfo.StorageWizardMoveProgress) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MOUNT_UNMOUNT_FILESYSTEMS [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.android.settings.deviceinfo.StorageUnmountReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MOUNT_UNMOUNT_FILESYSTEMS [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.Settings$ApnEditorActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$DevelopmentSettingsDashboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.development.DevelopmentSettingsDisabledActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PrintSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PrintJobSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.settings.WebViewImplementation) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$BugReportHandlerPickerActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.bluetooth.BluetoothPairingDialog)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.bluetooth.BluetoothPairingDialog) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.bluetooth.RequestPermissionActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BLUETOOTH_CONNECT [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.wifi.WifiScanModeActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$UsbDetailsActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MANAGE_USB [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.RemoteBugreportActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.DUMP [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.android.settings.bluetooth.BluetoothPairingRequest) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.bluetooth.BluetoothPermissionRequest) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BLUETOOTH_CONNECT [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.bluetooth.BluetoothPermissionActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BLUETOOTH_CONNECT [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.ActivityPicker) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AndroidBeamSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$WifiDisplaySettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.TestingSettingsBroadcastReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.AppWidgetPickActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.AllowBindAppWidgetActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.UsageStatsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PowerUsageSummaryActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$BatterySaverSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.fuelgauge.BatterySaverModeVoiceActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AccountSyncSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ManagedProfileSettingsActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MANAGE_USERS [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.accounts.AddAccountSettings) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.CryptKeeper)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.CryptKeeper) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.FallbackHome)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.FallbackHome) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$CryptKeeperSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$DataUsageSummaryActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$MobileDataUsageListActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$DreamSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$UserSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PaymentSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.nfc.PaymentDefaultDialog) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.TctSettings$NfcAndPaymentSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$NotificationAccessSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$NotificationAccessDetailsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$NotificationAssistantSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$VrListenersSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PictureInPictureSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppPictureInPictureSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$InteractAcrossProfilesSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppInteractAcrossProfilesSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ZenAccessDetailSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ZenAccessSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.Settings$ConfigureNotificationSettingsActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.Settings$ConfigureNotificationSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ConversationListSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppBubbleNotificationSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PremiumSmsAccessActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$SoundSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$NotificationAppListActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppNotificationSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.notification.app.ChannelPanelActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.ManualDisplayActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.RegulatoryInfoDisplayActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settingslib.bluetooth.BluetoothDiscoverableTimeoutReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.users.ProfileUpdateReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.sim.SimSelectNotification) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (com.android.settings.emergency.EmergencyActionContentProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.CALL_PRIVILEGED [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.wifi.RequestToggleWiFiActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.CHANGE_WIFI_STATE [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.wifi.WifiDialogActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.CHANGE_WIFI_STATE [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High TaskAffinity is set for Activity
(com.android.settings.wifi.NetworkRequestDialogActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.wifi.NetworkRequestDialogActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.NETWORK_SETTINGS [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.sim.SimDialogActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.flashlight.FlashlightHandleActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$WifiCallingSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.wifi.calling.WifiCallingSuggestionActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (com.android.settings.search.SettingsSearchIndexablesProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.READ_SEARCH_INDEXABLES [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Content Provider (com.android.settings.dashboard.suggestions.SuggestionStateProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$OverlaySettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppDrawOverlaySettingsActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.INTERNAL_SYSTEM_WINDOW [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.Settings$WriteSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppWriteSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AlarmsAndRemindersActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AlarmsAndRemindersAppActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ManageExternalSourcesActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ManageAppExternalSourcesActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.enterprise.ActionDisabledByAdminDialog)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.enterprise.ActionDisabledByAdminDialog) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$ManageExternalStorageActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppManageExternalStorageActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$MediaManagementAppsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppMediaManagementAppsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.backup.UserBackupSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AutomaticStorageManagerSettingsActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.android.settings.fuelgauge.AdvancedPowerUsageDetailActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppAndNotificationDashboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AppDashboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AccountDashboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$SystemDashboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.support.SupportDashboardActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.android.settings.SettingsDumpService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.DUMP [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.android.settings.development.qstile.DevelopmentTiles$ShowLayout) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.android.settings.development.qstile.DevelopmentTiles$GPUProfiling) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.android.settings.development.qstile.DevelopmentTiles$ForceRTL) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.android.settings.development.qstile.DevelopmentTiles$AnimationSpeed) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.android.settings.development.qstile.DevelopmentTiles$WinscopeTrace) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.android.settings.development.qstile.DevelopmentTiles$SensorsOff) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.android.settings.development.qstile.DevelopmentTiles$WirelessDebugging) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.android.settings.development.qstile.DevelopmentTiles$ShowTaps) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.HelpTrampoline) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.DUMP [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.applications.autofill.AutofillPickerTrampolineActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$AdvancedConnectedDeviceActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$BluetoothDeviceDetailActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BLUETOOTH_CONNECT [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.panel.SettingsPanelActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.wifi.addappnetworks.AddAppNetworksActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (com.android.settings.slices.SettingsSliceProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.slices.SliceRelayReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MANAGE_SLICE_PERMISSIONS [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.android.settings.slices.VolumeSliceRelayReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MANAGE_SLICE_PERMISSIONS [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.android.settings.fuelgauge.batterytip.AnomalyConfigReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (com.android.settings.homepage.contextualcards.CardContentProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.WRITE_SETTINGS_HOMEPAGE_DATA [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Content Provider (com.android.settings.homepage.contextualcards.SettingsContextualCardProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.WRITE_SETTINGS_HOMEPAGE_DATA [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.wifi.dpp.WifiDppConfiguratorActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.wifi.dpp.WifiDppEnrolleeActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.Settings$WifiCallingDisclaimerActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.Settings$WifiCallingDisclaimerActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$BatterySaverScheduleSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$GlobalActionsPanelSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$PowerMenuSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$DeviceControlsSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$GestureNavigationSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$MediaControlsSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.media.BluetoothPairingReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BLUETOOTH_ADMIN [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.android.settings.sim.receivers.SimSlotChangeReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.sim.receivers.SuwFinishReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.sim.receivers.SimCompleteBootReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.sim.smartForwarding.SmartForwardingActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$FactoryResetActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BACKUP [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.android.settings.intelligence.suggestions.SuggestionService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_SETTINGS_SUGGESTIONS_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.intelligence.search.SearchActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.tct.deviceinfo.UsbModeSelection) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.deviceinfo.UsbModeChooserActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.MANAGE_USB [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.android.settings.DemoModeActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$UninstallAppsAccessActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.USBDialogreceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.TctSettings$WallpaperAndThemeSettingsActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.TctSettings$WallpaperAndThemeSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.TctSettings$AdvancedFeaturesSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.TctSettings$ButtonGestureSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tct.notification.VibrationDurationSetting) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.tct.UsbDebugBroadcastReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.TctSettings$ConfigureTctNotificationSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tct.notification.TctLessDisturbingManagerAppsSettings) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tct.notification.TctVolumePanelActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.tct.settings.security.LockScreenStyleSetupActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.tct.settings.security.LockScreenStyleSetupActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tcl.telephony.wfc.TclWifiCallingHelp) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tcl.telephony.wfc.TclWifiCallingHelpDialogActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.wifi.ManagerPasspointReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.tct.settings.biometrics.fingerprintun.FingerprintReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.GestureSetupActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.GestureSetupActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.DominantHandSetupActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.DominantHandSetupActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.DateTimeSetupActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.DateTimeSetupActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.bluetooth.BluetoothCalibrationDialog) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.applications.SetDefaultBrowserReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.datausage.CustomPcoRecevier) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.display.ReadingModeManagerAppsSettings) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.settings.StopGoogleAppBroadcastReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.tmo.tether.tmo.AllowedListActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High TaskAffinity is set for Activity
(com.android.settings.Settings$TetherSettingsSprintActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity-Alias (com.android.tmo.tether.sprint.TetherSettingsSprint) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.android.tmo.tether.sprint.TetherServiceSprint) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.Settings$TetherSettingsTMOActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.android.settings.Settings$TetherSettingsTMOActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.tmo.tether.tmo.TetherSettingsTMO) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.tmo.tether.tmo.HotspotSettingsTMO) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.android.tmo.tether.tmo.TetherServiceTMO2) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity
(com.android.settings.Settings$TetherSettingsVZWActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity-Alias (com.android.vzw.tether.TetherSettingsVZW) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.android.vzw.tether.TetherWifiSettingsVZW) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.android.vzw.tether.TetherServiceVZW) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.tct.settings.wifi.WifiNetworkCheckReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.android.vzw.ApnMiniCodeBroadcastReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.tct.wifi.tether.TctTetherService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.tct.settings.wifi.tether.HotspotEntitlementCheckReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.tct.settings.network.CarrierChooseReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tct.settings.network.CarrierChooseActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tct.settings.network.CarrierSettingActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.TctSettings$GestureSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.network.telephony.MobileNetworkActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.android.settings.Settings$LockScreenSettingsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Dailer Code: 46368676 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: 33284 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: 666 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: 777 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: 932 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: 9663223 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: 647 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: 22384 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
Medium High Intent Priority (1000)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.
Medium High Intent Priority (3000)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.
Medium High Intent Priority (2147483647)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.

Browsable activities

Information computed with MobSF.

com.android.settings.slices.SliceDeepLinkSpringBoard

Hosts: com.android.settings.slices

Schemes: settings://

Main Activity

Information computed with AndroGuard. 

com.android.settings.Settings

Activities

Information computed with AndroGuard. 

com.android.settings.homepage.SettingsHomepageActivity
com.android.settings.SubSettings
com.android.settings.Settings$CreateShortcutActivity
com.android.settings.Settings$NetworkDashboardActivity
com.android.settings.Settings$MobileNetworkListActivity
com.android.settings.Settings$ConnectedDeviceDashboardActivity
com.android.settings.AirplaneModeVoiceActivity
com.android.settings.search.SearchResultTrampoline
com.android.settings.Settings$WifiSettingsActivity
com.android.settings.Settings$NetworkProviderSettingsActivity
com.android.settings.wifi.WifiPickerActivity
com.android.settings.Settings$ConfigureWifiSettingsActivity
com.android.settings.Settings$SavedAccessPointsSettingsActivity
com.android.settings.Settings$WifiInfoActivity
com.android.settings.wifi.WifiConfigInfo
com.android.settings.Settings$WifiAPITestActivity
com.android.settings.wifi.WifiStatusTest
com.android.settings.wifi.WifiNoInternetDialog
com.android.settings.Settings$ApnSettingsActivity
com.android.settings.TctSettings$BluetoothPairingDetailActivity
com.android.settings.Settings$AssistGestureSettingsActivity
com.android.settings.Settings$FaceSettingsActivity
com.android.settings.Settings$FingerprintSettingsActivity
com.android.settings.TctSettings$FingerprintSettingsActivity
com.android.settings.bluetooth.DevicePickerActivity
com.android.settings.network.TetherProvisioningActivity
com.android.settings.network.telephony.ToggleSubscriptionDialogActivity
com.android.settings.network.telephony.DeleteEuiccSubscriptionDialogActivity
com.android.settings.Settings$TetherSettingsActivity
com.android.settings.Settings$WifiTetherSettingsActivity
com.android.settings.Settings$WifiP2pSettingsActivity
com.android.settings.Settings$VpnSettingsActivity
com.android.settings.Settings$DataSaverSummaryActivity
com.android.settings.Settings$DateTimeSettingsActivity
com.android.settings.Settings$LocalePickerActivity
com.android.settings.localepicker.LocalePickerWithRegionActivity
com.android.settings.Settings$LanguageAndInputSettingsActivity
com.android.settings.Settings$AvailableVirtualKeyboardActivity
com.android.settings.Settings$ManageAssistActivity
com.android.settings.Settings$KeyboardLayoutPickerActivity
com.android.settings.Settings$PhysicalKeyboardActivity
com.android.settings.Settings$SpellCheckersSettingsActivity
com.android.settings.inputmethod.InputMethodAndSubtypeEnablerActivity
com.android.settings.Settings$UserDictionarySettingsActivity
com.android.settings.inputmethod.UserDictionaryAddWordActivity
com.android.settings.Settings$ZenModeSettingsActivity
com.android.settings.notification.zen.ZenSuggestionActivity
com.android.settings.notification.zen.ZenOnboardingActivity
com.android.settings.Settings$ZenModeAutomationSettingsActivity
com.android.settings.Settings$WallpaperSettingsActivity
com.android.settings.wallpaper.WallpaperSuggestionActivity
com.android.settings.wallpaper.StyleSuggestionActivity
com.android.settings.Settings$ZenModeScheduleRuleSettingsActivity
com.android.settings.Settings$ZenModeEventRuleSettingsActivity
com.android.settings.Settings$DisplaySettingsActivity
com.android.settings.Settings$SmartAutoRotateSettingsActivity
com.android.settings.Settings$NightDisplaySettingsActivity
com.android.settings.TctSettings$ReadingModeSettingsActivity
com.android.settings.TctSettings$DarkModeSettingsActivity
com.android.settings.Settings$DarkThemeSettingsActivity
com.android.settings.Settings$NightDisplaySuggestionActivity
com.android.settings.Settings$MyDeviceInfoActivity
com.android.settings.SettingsLicenseActivity
com.android.settings.Settings$ModuleLicensesActivity
com.android.settings.Settings$ManageApplicationsActivity
com.android.settings.Settings$ManageDomainUrlsActivity
com.android.settings.Settings$AppMemoryUsageActivity
com.android.settings.Settings$HighPowerApplicationsActivity
com.android.settings.datausage.AppDataUsageActivity
com.android.settings.fuelgauge.RequestIgnoreBatteryOptimizations
com.android.settings.slices.SliceDeepLinkSpringBoard
com.android.settings.applications.InstalledAppDetailsTop
com.android.settings.applications.InstalledAppOpenByDefaultActivity
com.android.settings.Settings$RunningServicesActivity
com.android.settings.Settings$StorageUseActivity
com.android.settings.Settings$NotificationStationActivity
com.android.settings.notification.history.NotificationHistoryActivity
com.android.settings.notification.zen.ZenModeVoiceActivity
com.android.settings.Settings$LocationSettingsActivity
com.android.settings.Settings$ScanningSettingsActivity
com.android.settings.Settings$SecurityDashboardActivity
com.android.settings.MonitoringCertInfoActivity
com.android.settings.Settings$TrustedCredentialsSettingsActivity
com.android.settings.Settings$PrivacySettingsActivity
com.android.settings.Settings$PrivacyDashboardActivity
com.android.settings.SetFullBackupPassword
com.android.settings.security.CredentialStorage
com.android.settings.security.InstallCaCertificateWarning
com.android.settings.security.RequestManageCredentials
com.android.settings.Settings$DeviceAdminSettingsActivity
com.android.settings.applications.specialaccess.deviceadmin.DeviceAdminAdd
com.android.settings.applications.specialaccess.deviceadmin.ProfileOwnerAdd
com.android.settings.Settings$UsageAccessSettingsActivity
com.android.settings.Settings$AppUsageAccessSettingsActivity
com.android.settings.Settings$IccLockSettingsActivity
com.android.settings.Settings$AccessibilitySettingsActivity
com.android.settings.Settings$AccessibilityDetailsSettingsActivity
com.android.settings.accessibility.AccessibilitySettingsForSetupWizardActivity
com.android.settings.Settings$AccessibilityDaltonizerSettingsActivity
com.android.settings.Settings$ReduceBrightColorsSettingsActivity
com.android.settings.Settings$CaptioningSettingsActivity
com.android.settings.SettingsTutorialDialogWrapperActivity
com.android.settings.Settings$TextToSpeechSettingsActivity
com.android.settings.Settings$EnterprisePrivacySettingsActivity
com.android.settings.password.ConfirmDeviceCredentialActivity
com.android.settings.password.ConfirmDeviceCredentialActivity$InternalActivity
com.android.settings.SetupRedactionInterstitial
com.android.settings.notification.RedactionInterstitial
com.android.settings.notification.RedactionSettingsStandalone
com.android.settings.password.ConfirmLockPattern
com.android.settings.password.ConfirmLockPassword
com.android.settings.password.ForgotPasswordActivity
com.android.settings.biometrics.face.FaceEnrollIntroduction
com.android.settings.biometrics.face.FaceEnrollEducation
com.android.settings.biometrics.face.FaceEnrollEnrolling
com.android.settings.biometrics.face.FaceEnrollFinish
com.android.settings.biometrics.BiometricEnrollActivity$InternalActivity
com.android.settings.biometrics.BiometricEnrollActivity
com.tct.settings.biometrics.common.FingerprintEnrollActivity$InternalActivity
com.tct.settings.biometrics.common.FingerprintEnrollActivity
com.android.settings.biometrics.fingerprint.FingerprintSettings
com.android.settings.biometrics.fingerprint.FingerprintEnrollFindSensor
com.android.settings.biometrics.fingerprint.FingerprintEnrollEnrolling
com.android.settings.biometrics.fingerprint.FingerprintEnrollFinish
com.android.settings.biometrics.fingerprint.FingerprintEnrollIntroduction
com.android.settings.biometrics.fingerprint.SetupFingerprintEnrollFindSensor
com.android.settings.biometrics.fingerprint.SetupFingerprintEnrollEnrolling
com.android.settings.biometrics.fingerprint.SetupFingerprintEnrollFinish
com.android.settings.biometrics.fingerprint.SetupFingerprintEnrollIntroduction
com.tct.settings.biometrics.fingerprint.FingerprintSettingsCap
com.tct.settings.biometrics.fingerprint.FingerprintEnrollFindSensorCap
com.tct.settings.biometrics.fingerprint.FingerprintEnrollEnrollingCap
com.tct.settings.biometrics.fingerprint.FingerprintEnrollFinishCap
com.tct.settings.biometrics.fingerprint.FingerprintEnrollIntroductionCap
com.tct.settings.biometrics.fingerprint.SetupFingerprintEnrollFindSensorCap
com.tct.settings.biometrics.fingerprint.SetupFingerprintEnrollEnrollingCap
com.tct.settings.biometrics.fingerprint.SetupFingerprintEnrollFinishCap
com.tct.settings.biometrics.fingerprint.SetupFingerprintEnrollIntroductionCap
com.android.settings.biometrics.fingerprint.FingerprintSuggestionActivity
com.tct.settings.biometrics.fingerprint.FingerprintSuggestionActivityCap
com.tct.settings.biometrics.fingerprint.FingerprintVerify
com.tct.settings.biometrics.common.TctFingerprintEditActivity
com.tct.settings.biometrics.fingerprint.TctFingerprintQuickLaunchSettings
com.tct.settings.biometrics.fingerprint.TctFingerprintQuickLaunchAppListSettings
com.tct.settings.biometrics.quickaccess.FingerprintQuickAccess
com.tct.settings.biometrics.quickaccess.QuickAccessTargetListSettings
com.android.settings.password.ConfirmLockPattern$InternalActivity
com.android.settings.password.ConfirmLockPassword$InternalActivity
com.android.settings.password.SetupChooseLockGeneric
com.android.settings.password.SetupChooseLockGeneric$InternalActivity
com.android.settings.password.ChooseLockGeneric
com.android.settings.password.SetNewPasswordActivity
com.android.settings.password.ScreenLockSuggestionActivity
com.android.settings.biometrics.fingerprint.FingerprintEnrollSuggestionActivity
com.tct.settings.biometrics.fingerprint.FingerprintEnrollSuggestionActivityCap
com.android.settings.password.ChooseLockGeneric$InternalActivity
com.android.settings.password.SetupChooseLockPattern
com.android.settings.password.ChooseLockPattern
com.android.settings.password.SetupChooseLockPassword
com.android.settings.password.ChooseLockPassword
com.android.settings.SetupEncryptionInterstitial
com.android.settings.EncryptionInterstitial
com.android.settings.Settings$StorageDashboardActivity
com.android.settings.Settings$PublicVolumeSettingsActivity
com.android.settings.Settings$PrivateVolumeForgetActivity
com.android.settings.deviceinfo.StorageWizardInit
com.android.settings.deviceinfo.StorageWizardFormatProgress
com.android.settings.deviceinfo.StorageWizardFormatSlow
com.android.settings.deviceinfo.StorageWizardMigrateConfirm
com.android.settings.deviceinfo.StorageWizardMigrateProgress
com.android.settings.deviceinfo.StorageWizardReady
com.android.settings.deviceinfo.StorageWizardMoveConfirm
com.android.settings.deviceinfo.StorageWizardMoveProgress
com.android.settings.deviceinfo.NetWorkUnlockActivity
com.android.settings.Settings$ApnEditorActivity
com.android.settings.Settings$DevelopmentSettingsDashboardActivity
com.android.settings.development.DevelopmentSettingsDisabledActivity
com.android.settings.Settings$PrintSettingsActivity
com.android.settings.Settings$PrintJobSettingsActivity
com.android.settings.development.AppPicker
com.android.settings.development.DSULoader
com.android.settings.development.DSUTermsOfServiceActivity
com.android.settings.development.storage.BlobInfoListView
com.android.settings.development.storage.LeaseInfoListView
com.android.settings.Settings$WebViewAppPickerActivity
com.android.settings.Settings$BugReportHandlerPickerActivity
com.android.settings.bluetooth.BluetoothPairingDialog
com.android.settings.bluetooth.RequestPermissionActivity
com.android.settings.wifi.WifiScanModeActivity
com.android.settings.Settings$UsbDetailsActivity
com.android.settings.RemoteBugreportActivity
com.android.settings.bluetooth.RequestPermissionHelperActivity
com.android.settings.bluetooth.BluetoothPermissionActivity
com.android.settings.ActivityPicker
com.android.settings.Settings$AndroidBeamSettingsActivity
com.android.settings.Settings$WifiDisplaySettingsActivity
com.android.settings.Settings$TestingSettingsActivity
com.android.settings.AppWidgetPickActivity
com.android.settings.AllowBindAppWidgetActivity
com.android.settings.UsageStatsActivity
com.android.settings.Settings$PowerUsageSummaryActivity
com.android.settings.Settings$BatterySaverSettingsActivity
com.android.settings.fuelgauge.BatterySaverModeVoiceActivity
com.android.settings.Settings$AccountSyncSettingsActivity
com.android.settings.Settings$ManagedProfileSettingsActivity
com.android.settings.accounts.AddAccountSettings
com.android.settings.Settings$ChooseAccountActivity
com.android.settings.CryptKeeper
com.android.settings.FallbackHome
com.android.settings.CryptKeeper$FadeToBlack
com.android.settings.CryptKeeperConfirm$Blank
com.android.settings.Settings$CryptKeeperSettingsActivity
com.android.settings.Settings$DataUsageSummaryActivity
com.android.settings.Settings$MobileDataUsageListActivity
com.android.settings.Settings$DreamSettingsActivity
com.android.settings.Settings$UserSettingsActivity
com.android.settings.Settings$PaymentSettingsActivity
com.android.settings.nfc.PaymentDefaultDialog
com.android.settings.nfc.HowItWorks
com.android.settings.TctSettings$NfcAndPaymentSettingsActivity
com.android.settings.Settings$NotificationAccessSettingsActivity
com.android.settings.Settings$NotificationAccessDetailsActivity
com.android.settings.Settings$NotificationAssistantSettingsActivity
com.android.settings.Settings$VrListenersSettingsActivity
com.android.settings.Settings$PictureInPictureSettingsActivity
com.android.settings.Settings$AppPictureInPictureSettingsActivity
com.android.settings.Settings$InteractAcrossProfilesSettingsActivity
com.android.settings.Settings$AppInteractAcrossProfilesSettingsActivity
com.android.settings.Settings$ZenAccessDetailSettingsActivity
com.android.settings.Settings$ZenAccessSettingsActivity
com.android.settings.Settings$ConfigureNotificationSettingsActivity
com.android.settings.Settings$ConversationListSettingsActivity
com.android.settings.Settings$AppBubbleNotificationSettingsActivity
com.android.settings.Settings$PremiumSmsAccessActivity
com.android.settings.Settings$SoundSettingsActivity
com.android.settings.Settings$NotificationAppListActivity
com.android.settings.Settings$AppNotificationSettingsActivity
com.android.settings.notification.app.ChannelPanelActivity
com.android.settings.ManualDisplayActivity
com.android.settings.RegulatoryInfoDisplayActivity
com.android.settings.notification.NotificationAccessConfirmationActivity
com.android.settings.wifi.RequestToggleWiFiActivity
com.android.settings.wifi.WifiDialogActivity
com.android.settings.wifi.NetworkRequestDialogActivity
com.android.settings.sim.SimDialogActivity
com.android.settings.flashlight.FlashlightHandleActivity
com.android.settings.Settings$WifiCallingSettingsActivity
com.android.settings.wifi.calling.WifiCallingSuggestionActivity
com.android.settings.Settings$OverlaySettingsActivity
com.android.settings.Settings$AppDrawOverlaySettingsActivity
com.android.settings.Settings$WriteSettingsActivity
com.android.settings.Settings$AppWriteSettingsActivity
com.android.settings.Settings$AlarmsAndRemindersActivity
com.android.settings.Settings$AlarmsAndRemindersAppActivity
com.android.settings.Settings$ManageExternalSourcesActivity
com.android.settings.Settings$ManageAppExternalSourcesActivity
com.android.settings.enterprise.ActionDisabledByAdminDialog
com.android.settings.Settings$ManageExternalStorageActivity
com.android.settings.Settings$AppManageExternalStorageActivity
com.android.settings.Settings$MediaManagementAppsActivity
com.android.settings.Settings$AppMediaManagementAppsActivity
com.android.settings.backup.UserBackupSettingsActivity
com.android.settings.Settings$AutomaticStorageManagerSettingsActivity
com.android.settings.fuelgauge.AdvancedPowerUsageDetailActivity
com.android.settings.Settings$AppAndNotificationDashboardActivity
com.android.settings.Settings$AppDashboardActivity
com.android.settings.Settings$AccountDashboardActivity
com.android.settings.Settings$SystemDashboardActivity
com.android.settings.support.SupportDashboardActivity
com.android.settings.HelpTrampoline
com.android.settings.applications.autofill.AutofillPickerActivity
com.android.settings.applications.autofill.AutofillPickerTrampolineActivity
com.android.settings.Settings$AdvancedConnectedDeviceActivity
com.android.settings.Settings$BluetoothDeviceDetailActivity
com.android.settings.panel.SettingsPanelActivity
com.android.settings.wifi.addappnetworks.AddAppNetworksActivity
com.android.settings.wifi.dpp.WifiDppConfiguratorActivity
com.android.settings.wifi.dpp.WifiDppEnrolleeActivity
com.android.settings.homepage.contextualcards.ContextualCardFeedbackDialog
com.android.settings.homepage.contextualcards.FaceReEnrollDialog
com.android.settings.Settings$WifiCallingDisclaimerActivity
com.android.settings.Settings$BatterySaverScheduleSettingsActivity
com.android.settings.Settings$GlobalActionsPanelSettingsActivity
com.android.settings.Settings$PowerMenuSettingsActivity
com.android.settings.Settings$DeviceControlsSettingsActivity
com.android.settings.Settings$GestureNavigationSettingsActivity
com.android.settings.Settings$MediaControlsSettingsActivity
com.android.settings.sim.ChooseSimActivity
com.android.settings.sim.SwitchToEsimConfirmDialogActivity
com.android.settings.sim.DsdsDialogActivity
com.android.settings.sim.smartForwarding.SmartForwardingActivity
com.android.settings.Settings$FactoryResetActivity
com.android.settings.Settings$FactoryResetConfirmActivity
com.android.settings.intelligence.search.SearchActivity
com.android.settings.deviceinfo.UsbModeChooserActivity
com.android.settings.DemoModeActivity
com.android.settings.Settings$UninstallAppsAccessActivity
com.android.settings.TctSettings$WallpaperAndThemeSettingsActivity
com.android.settings.TctSettings$AdvancedFeaturesSettingsActivity
com.android.settings.TctSettings$ButtonGestureSettingsActivity
com.tct.notification.VibrationDurationSetting
com.tct.notification.BaseRingtoneTabActivity
com.tct.notification.PhoneRingtoneTabActivity
com.tct.notification.NotificationRingtoneTabActivity
com.tct.notification.AlarmRingtoneTabActivity
com.android.settings.vpn.ConfigureVPNKeyGuardDialog
com.tct.settings.biometrics.fingerprintun.FingerprintSettingsUn
com.tct.settings.biometrics.fingerprintun.FingerprintVerifyUn
com.tct.settings.biometrics.quicklaunch.FingerprintQuickLaunchUn
com.tct.settings.biometrics.quicklaunch.FingerprintRemoveQuickLaunchUn
com.tct.settings.biometrics.quicklaunch.QuickLaunchTargetListSettings
com.android.settings.TctSettings$ConfigureTctNotificationSettingsActivity
com.tct.notification.TctLessDisturbingManagerAppsSettings
com.tct.notification.TctVolumePanelActivity
com.tct.settings.security.LockScreenStyleSetupActivity
com.tcl.telephony.wfc.TclWifiCallingHelp
com.tcl.telephony.wfc.TclWifiCallingHelpDialogActivity
com.android.settings.GestureSetupActivity
com.android.settings.DominantHandSetupActivity
com.android.settings.DateTimeSetupActivity
com.android.settings.bluetooth.BluetoothCalibrationDialog
com.android.settings.display.ReadingModeManagerAppsSettings
com.android.tmo.tether.tmo.AllowedListActivity
com.android.settings.Settings$TetherSettingsSprintActivity
com.android.settings.Settings$TetherSettingsTMOActivity
com.android.settings.Settings$HotspotSettingsTMOActivity
com.android.settings.ConnectivitySubSettings
com.android.settings.Settings$TetherSettingsVZWActivity
com.android.settings.Settings$TetherWifiSettingsVZWActivity
com.tct.settings.network.CarrierChooseActivity
com.tct.settings.network.CarrierSettingActivity
com.android.settings.TctSettings$GestureSettingsActivity
com.android.settings.network.telephony.MobileNetworkActivity
com.android.settings.Settings$CombinedBiometricSettingsActivity
com.android.settings.Settings$CombinedBiometricProfileSettingsActivity
com.android.settings.Settings$LockScreenSettingsActivity
androidx.slice.compat.SlicePermissionActivity

Receivers

Information computed with AndroGuard. 

com.android.settings.SettingsInitialize
com.android.settings.deviceinfo.StorageUnmountReceiver
com.android.settings.bluetooth.BluetoothPairingRequest
com.android.settings.bluetooth.BluetoothPermissionRequest
com.android.settings.TestingSettingsBroadcastReceiver
com.android.settingslib.bluetooth.BluetoothDiscoverableTimeoutReceiver
com.android.settings.users.ProfileUpdateReceiver
com.android.settings.sim.SimSelectNotification
com.android.settings.wifi.slice.ConnectToWifiHandler
com.android.settings.slices.SliceBroadcastReceiver
com.android.settings.slices.SliceRelayReceiver
com.android.settings.slices.VolumeSliceRelayReceiver
com.android.settings.fuelgauge.batterytip.AnomalyDetectionReceiver
com.android.settings.fuelgauge.batterytip.AnomalyConfigReceiver
com.android.settings.media.BluetoothPairingReceiver
com.android.settings.sim.receivers.SimSlotChangeReceiver
com.android.settings.sim.receivers.SuwFinishReceiver
com.android.settings.sim.receivers.SimCompleteBootReceiver
com.tct.deviceinfo.UsbModeSelection
com.android.settings.USBDialogreceiver
com.tct.UsbDebugBroadcastReceiver
com.android.settings.wifi.ManagerPasspointReceiver
com.tct.settings.biometrics.fingerprintun.FingerprintReceiver
com.android.settings.applications.SetDefaultBrowserReceiver
com.android.settings.datausage.CustomPcoRecevier
com.android.settings.StopGoogleAppBroadcastReceiver
com.android.tmo.tether.tmo.HotspotWidgetTMO
com.tct.settings.wifi.WifiNetworkCheckReceiver
com.android.vzw.ApnMiniCodeBroadcastReceiver
com.tct.settings.wifi.tether.HotspotEntitlementCheckReceiver
com.tct.settings.network.CarrierChooseReceiver

Services

Information computed with AndroGuard. 

com.android.settings.wifi.tether.TetherService
com.android.settings.bluetooth.BluetoothPairingService
com.android.settings.SettingsDumpService
com.android.settings.development.qstile.DevelopmentTiles$ShowLayout
com.android.settings.development.qstile.DevelopmentTiles$GPUProfiling
com.android.settings.development.qstile.DevelopmentTiles$ForceRTL
com.android.settings.development.qstile.DevelopmentTiles$AnimationSpeed
com.android.settings.development.qstile.DevelopmentTiles$WinscopeTrace
com.android.settings.development.qstile.DevelopmentTiles$SensorsOff
com.android.settings.development.qstile.DevelopmentTiles$WirelessDebugging
com.android.settings.development.qstile.DevelopmentTiles$ShowTaps
com.android.settings.fuelgauge.batterytip.AnomalyCleanupJobService
com.android.settings.fuelgauge.batterytip.AnomalyConfigJobService
com.android.settings.fuelgauge.batterytip.AnomalyDetectionJobService
com.android.settings.sim.SimNotificationService
com.android.settings.intelligence.suggestions.SuggestionService
com.android.tmo.tether.sprint.TetherServiceSprint
com.android.tmo.tether.tmo.TetherServiceTMO2
com.android.vzw.tether.TetherServiceVZW
com.tct.wifi.tether.TctTetherService

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application use no DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application invoke the functionality provided by the platform to securely store credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['network connectivity', 'camera', 'location', 'bluetooth', 'NFC'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to ['address book'].
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implement functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_HTTPS_EXT.1.1 The application implement the HTTPS protocol that complies with RFC 2818.
HTTPS Protocol
FCS_HTTPS_EXT.1.2 The application implement HTTPS using TLS.
HTTPS Protocol
FCS_HTTPS_EXT.1.3 The application notify the user and not establish the connection or request application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.2.1 The application use X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS , TLS.
X.509 Certificate Authentication
FPT_TUD_EXT.2.1 The application shall be distributed using the format of the platform-supported package manager.
Integrity for Installation and Update

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files: 
 com/tct/settings/biometrics/fqlcommon/FqlBindingAppsFragment.java
 com/tct/settings/biometrics/common/FingerprintUtils.java
 com/tct/display/TctSearchWallpaperPreferenceController.java
 com/tct/settings/biometrics/quickaccess/QuickAccessHelper.java
 com/tct/wifi/tether/TctTetheringUtils.java
 com/tct/settings/biometrics/fingerprint/TctFingerprintQuickLaunchAppListSettings.java
 com/tct/settings/biometrics/quickaccess/QuickAccessItemRadioButtonPref.java
 com/tct/android/setupcompat/PartnerCustomizationLayout.java
 com/tct/settings/biometrics/common/FingerprintRemoveSidecar.java
 com/tct/settings/biometrics/fingerprintun/FingerprintVerifyUn.java
 com/tct/widgets/widget/TctSimpleIndexer.java
 com/tct/settings/biometrics/fingerprint/FingerprintVerificationItemPreference.java
 com/tct/notification/SilentModePreferenceController.java
 com/tct/settings/biometrics/fingerprint/FingerprintEnrollFinishCap.java
 com/tct/UsbDebugBroadcastReceiver.java
 com/tct/search/SearchSuggetsionBaseController.java
 com/tct/settings/network/CarrierChooseReceiver.java
 com/tct/settings/biometrics/quicklaunch/QuickLaunchBindingFeatureFragment.java
 com/tct/wifi/TctWifiSettingsManager.java
 com/tct/wifi/wapi/WapiCertPreferenceController.java
 com/tct/notification/TctNotificationLightPreferenceController.java
 com/tct/navigationbar/ButtonsLayoutPreference.java
 com/tct/ApnSecretCodeReceiver.java
 com/tct/settings/biometrics/common/TctAppLockAgency.java
 com/tct/settings/password/TctLockScreenSettings.java
 com/tct/fcm/SystemPropertiesCompat.java
 com/tct/notification/TctLessDisturbingPreferenceController.java
 com/tct/settings/biometrics/quicklaunch/FingerprintQuickLaunchUn.java
 com/tct/settings/biometrics/fingerprint/FingerprintEnrollEnrollingCap.java
 com/tct/settings/wifi/TctWifiConfigControllerEx2.java
 com/tct/settings/wifi/tether/HotspotEntitlementCheckReceiver.java
 com/airbnb/lottie/utils/LogcatLogger.java
 com/tct/settings/biometrics/fingerprintun/FingerprintReceiver.java
 com/tct/display/TctWallpaperPreferenceController.java
 com/tct/display/SubBrightnessSeekBarPreference.java
 com/tct/sim/SimHotSwapHandler.java
 com/tct/notification/ConfigureTctNotificationPreferenceController.java
 com/tct/settings/biometrics/fingerprint/NormalAdapter.java
 com/tct/settings/biometrics/quickaccess/QuickAccessBindingFeatureFragment.java
 com/tct/settings/biometrics/fingerprint/TctFingerprintQuickLaunchSettings.java
 com/tct/wifi/TctPredefineApLoader.java
 com/tct/fcm/FCMUtils.java
 com/tct/settings/biometrics/quickaccess/FingerprintQuickAccess.java
 com/tct/android/setupcompat/template/ScrollViewScrollHandlingDelegate.java
 com/tct/settings/biometrics/fingerprint/FingerprintSettingsCap.java
 com/tct/settings/wifi/tether/WifiTetherTimeoutPreferenceController.java
 com/tct/settings/biometrics/quickaccess/FingerprintQuickAccessFragment.java
 com/tct/deviceinfo/RomVersionController.java
 com/tct/settings/biometrics/fingerprint/BiometricEnrollIntroductionCap.java
 com/tct/settings/biometrics/quicklaunch/QuickLaunchTargetListSettings.java
 com/tct/android/setupcompat/internal/LifecycleFragment.java
 com/tct/settings/biometrics/fingerprint/NormalAdapterWrapper.java
 com/tct/settings/biometrics/fingerprint/FingerprintEnrollFindSensorCap.java
 com/tcl/telephony/wfc/TclWifiCallingHelp.java
 com/tct/bluetooth/TctBondedDeviceGroupController.java
 com/tct/notification/BaseRingtoneTabActivity.java
 com/tct/settings/biometrics/fingerprint/FingerprintSuggestionActivityCap.java
 com/tct/TctSoftwareVersionController.java
 com/tct/settings/security/LockAodPreferenceController.java
 com/tct/settings/wifi/tether/TctWifiTetherBroadcastNetworkPreferenceController.java
 com/tct/notification/BaseRingtoneTabFragment.java
 com/tct/display/BrightnessSeekBarPreference.java
 com/tct/settings/biometrics/fingerprint/FingerprintVerify.java
 com/tct/settings/biometrics/quicklaunch/LaunchAppRadioButtonPreferenceUn.java
 com/tct/settings/security/TclAmbientDisplayNotificationsPreferenceController.java
 com/tct/network/Tct5GPreferenceController.java
 com/tct/settings/security/LockScreenStyleSetupActivity.java
 com/tct/widgets/widget/TctEditTextVerifyBase.java
 com/airbnb/lottie/PerformanceTracker.java
 com/tct/accessibility/PocketModePreferenceController.java
 com/tct/search/SearchSuggestionRaiseToWakeController.java
 com/tct/settings/biometrics/common/FingerprintEnrollActivity.java
 com/tct/wifi/WifiOffloadPreferenceController.java
 com/tct/TctBluetoothSummaryAdapter.java
 com/tct/wifi/tether/TctTetherService.java
 com/tct/settings/biometrics/common/TctFingerprintEditActivity.java
 com/tct/settings/biometrics/quickaccess/FingerprintQuickAccessRemoveTargetFragment.java
 com/tct/settings/security/LockScreenStyleAnimationController.java
 com/tct/notification/TctHeadsetModePreferenceController.java
 com/tct/notification/ConfigureTctNotificationSettings.java
 com/tct/settings/biometrics/fingerprintun/FingerprintSettingsUn.java
 com/tct/settings/wifi/WifiNetworkCheckReceiver.java
 com/tct/navigationbar/TclGestureNavigationSettings.java
 kotlin/io/ConsoleKt.java
 com/tct/settings/biometrics/fingerprint/BiometricsEnrollEnrollingCap.java
 com/tct/display/TctThemeController.java
 com/tct/settings/wifi/tether/TctWifiTetherMaxConnPreferenceController.java
 com/tct/bluetooth/TctAddDevicePreferenceController.java
 com/tct/settings/security/RaiseToWakePreferenceController.java
 com/tct/settings/biometrics/fqlcommon/FqlUtils.java
 com/tct/settings/biometrics/fingerprint/BiometricEnrollBaseCap.java
 com/tct/android/setupcompat/util/SystemBarHelper.java
 com/tct/wifi/TctWifiUtil.java
 com/tct/settings/security/LockScreenStyleUtils.java
 com/tct/fcm/FcmLog.java
 com/tct/CarrierConfigUtils.java
 com/tct/settings/biometrics/fingerprint/FingerprintEnrollIntroductionCap.java
 com/tct/settings/biometrics/quickaccess/QuickAccessTargetListSettings.java
 com/tct/TctDataHub.java
 com/tct/notification/QueryRingtoneTask.java
 com/tct/notification/TctLessDisturbingManagerAppsSettings.java
 com/airbnb/lottie/LottieAnimationView.java
 com/tct/settings/biometrics/common/FingerprintUnListPreference.java
 com/tct/settings/biometrics/fqlcommon/AzAppDataAdapter.java
 com/tct/settings/biometrics/fingerprint/FingerprintLaunchAppHelper.java
 com/tct/statusbar/StatusBarStyleSettings.java
 com/tct/settings/biometrics/fingerprint/FingerprintEnrollSuggestionActivityCap.java
 com/tct/settings/network/CarrierSettingActivity.java
 com/tct/settings/biometrics/common/FingerprintData.java
 com/tct/settings/biometrics/common/TctFingerprintAgency.java
 com/tct/settings/wifi/TctWifiConfigControllerEx.java
High
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files: 
 kotlin/collections/EmptyList.java
 kotlin/random/AbstractPlatformRandom.java
 kotlin/collections/unsigned/UArraysKt___UArraysJvmKt$asList$4.java
 kotlin/collections/unsigned/UArraysKt___UArraysJvmKt$asList$1.java
 kotlin/collections/ArraysKt___ArraysJvmKt$asList$6.java
 kotlin/collections/ArraysKt___ArraysJvmKt$asList$3.java
 kotlinx/coroutines/scheduling/CoroutineScheduler.java
 kotlin/random/KotlinRandom.java
 kotlin/collections/AbstractList.java
 kotlin/collections/RingBuffer.java
 kotlin/random/PlatformRandomKt.java
 kotlin/collections/ArraysKt___ArraysJvmKt$asList$7.java
 kotlin/collections/CollectionsKt__CollectionsJVMKt.java
 kotlin/collections/unsigned/UArraysKt___UArraysJvmKt$asList$2.java
 kotlin/collections/ArraysKt___ArraysJvmKt$asList$1.java
 okio/Options.java
 kotlin/collections/ArraysKt___ArraysJvmKt$asList$4.java
 kotlin/collections/builders/ListBuilder.java
 kotlin/collections/CollectionsKt___CollectionsKt.java
 kotlin/random/FallbackThreadLocalRandom.java
 kotlin/collections/ArraysKt___ArraysJvmKt$asList$2.java
 kotlin/collections/MovingSubList.java
 kotlin/collections/unsigned/UArraysKt___UArraysJvmKt$asList$3.java
 kotlin/collections/CollectionsKt__MutableCollectionsJVMKt.java
 kotlin/random/PlatformRandom.java
 kotlin/random/FallbackThreadLocalRandom$implStorage$1.java
 kotlin/collections/ArraysKt___ArraysJvmKt$asList$5.java
 kotlin/collections/ArraysKt___ArraysJvmKt$asList$8.java
 kotlin/collections/CollectionsKt__MutableCollectionsKt.java
High
CVSS:7.4
Files may contain hardcoded sensitive informations like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files: 
 com/tct/TctDataHub.java
 com/tct/settings/wifi/tether/TctWifiTetherMaxConnPreferenceController.java
 com/tct/bluetooth/TctBluetoothFilesPreferenceController.java
 com/tct/bluetooth/TctAddDevicePreferenceController.java
 com/tct/settings/biometrics/quicklaunch/QuickLaunchBindingFeatureFragment.java
 com/tct/notification/zen/TctZenModeAutomaticRulesPreferenceController.java
 com/tct/settings/password/ActivityForegroundMonitor.java
 com/tct/wifi/TctPredefineApLoader.java
 com/tct/bluetooth/TctBondedDeviceGroupController.java
 com/tct/notification/zen/TctZenModeSwitchPreferenceController.java
 com/tct/bluetooth/TctBondedDeviceUpdater.java
 com/tct/settings/wifi/tether/TctWifiTetherBroadcastNetworkPreferenceController.java
 com/tct/settings/network/CarrierSettingActivity.java
 com/tct/settings/biometrics/fingerprint/FingerprintSettingsCap.java
 com/tct/settings/wifi/tether/WifiTetherTimeoutPreferenceController.java
 com/tct/bluetooth/TctRemoteDeviceNamePreferenceController.java
 com/tct/notification/TctHeadsetModePreferenceController.java
 com/tct/settings/biometrics/fingerprintun/FingerprintUnUtils.java
 com/tct/settings/biometrics/fingerprintun/FingerprintSettingsUn.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files: 
 com/tct/notification/BaseRingtoneTabFragment.java
High
CVSS:5.5
App creates temp file. Sensitive information should never be written into a temp file.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files: 
 kotlin/io/FilesKt__UtilsKt.java
Pygal Canada: 100 Germany: 100 Ireland: 100 Poland: 100