CVE-2025-13876

5.3 MEDIUM

📋 TL;DR

A path traversal flaw in version 12.1.372 of the Rareprob HD Video Player All Formats App for Android (package com.rocks.music.videoplayer) lets a local attacker, meaning code already running on the same device or someone with the device in hand, make the player write a file to a location it did not intend, overwriting any file the app itself has permission to write. Only that version is listed as affected, and the flaw cannot be reached over the network.

💻 Affected Systems

Products:
  • Rareprob HD Video Player All Formats App
Versions: 12.1.372
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects this specific version of the Android application. Requires the app to be installed and accessible.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Files the player can write are overwritten with attacker-chosen content: its private data under /data/data/com.rocks.music.videoplayer (shared preferences, databases, cached files) and any external-storage locations it holds a permission for. If the app loads code or configuration from those files, that becomes code execution with the app's own permissions. Android's per-app sandbox and the read-only system partition keep /system and other apps' private data out of reach, so whole-device compromise is not on the table; the 5.3 score reflects that.

🟠

Likely Case

A co-installed malicious app or a local user overwrites the player's own files, causing crashes, loss of the user's media metadata and settings, or tampering with configuration that the app trusts.

🟢

If Mitigated

Android's per-app sandbox is always in force, so even unmitigated the write is confined to what the app's UID may touch: its private data directory plus the external-storage paths it has been granted. Revoking the app's storage permissions shrinks that set further.

🌐 Internet-Facing: LOW - The flaw is not reachable over the network; the attacker must already run code on the device or have physical access to it.
🏢 Internal Only: MEDIUM - On a managed device the realistic attacker is another installed app (or a user with the unlocked device) that hands the player a crafted file name; user interaction may be required depending on how that input reaches the app.
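The file-write pattern behind this bug class, as an added example that is not the Rareprob app's code: an Android app takes a file name from another app (an Intent extra or the display name of a content:// URI) and joins it onto its private files directory. The Python below models that Java/Kotlin logic with a naive join beside the canonicalise-and-check version; the directory layout, the hypothetical package name in EXAMPLE_BASE and the attacker-chosen file name are constructed for the demo, and nothing here is taken from the vulnerable app.

```python
import os
import tempfile
from typing import Dict

# Hypothetical app-private files directory used by the stand-alone checks.
EXAMPLE_BASE = "/data/data/com.example.player/files"


class TraversalError(ValueError):
    """Raised when an untrusted name would resolve outside the base directory."""


def vulnerable_target(base_dir: str, untrusted_name: str) -> str:
    """Naive join, like `new File(getFilesDir(), name)` with no validation.
    A name such as "../shared_prefs/settings.xml" is accepted as-is."""
    return os.path.join(base_dir, untrusted_name)


def resolve_inside(base_dir: str, untrusted_name: str) -> str:
    """Canonicalise the join (Java: File.getCanonicalPath()) and require the
    result to stay strictly below base_dir. This covers "..", absolute names
    (os.path.join discards base_dir for those), a symlinked base directory and
    the sibling-prefix trick ("/files-evil" is not under "/files")."""
    base_real = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base_real, untrusted_name))
    if target == base_real or os.path.commonpath([base_real, target]) != base_real:
        raise TraversalError(f"{untrusted_name!r} escapes {base_real}")
    return target


def escapes(base_dir: str, untrusted_name: str) -> bool:
    """True if the hardened check rejects the name."""
    try:
        resolve_inside(base_dir, untrusted_name)
    except TraversalError:
        return True
    return False


def write_file(path: str, data: bytes) -> None:
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)


def demo() -> Dict[str, bool]:
    """Simulated app-private directory: files/ is the intended destination,
    shared_prefs/settings.xml is the file an attacker wants to overwrite."""
    with tempfile.TemporaryDirectory() as app_data:
        files_dir = os.path.join(app_data, "files")
        prefs = os.path.join(app_data, "shared_prefs", "settings.xml")
        os.makedirs(files_dir)
        write_file(prefs, b'<map><boolean name="premium" value="false"/></map>')

        # Attacker-controlled name and content (constructed for the demo).
        evil_name = "../shared_prefs/settings.xml"
        payload = b'<map><boolean name="premium" value="true"/></map>'

        # Vulnerable path: the write lands on shared_prefs/settings.xml.
        write_file(vulnerable_target(files_dir, evil_name), payload)
        with open(prefs, "rb") as fh:
            overwritten = fh.read() == payload

        # Hardened path: the same name is refused, an ordinary name still works.
        blocked = escapes(files_dir, evil_name)
        good = resolve_inside(files_dir, "clips/intro.mp4")
        write_file(good, b"\x00\x00\x00\x18ftypisom")

        return {
            "vulnerable_overwrote_prefs": overwritten,
            "hardened_blocked_traversal": blocked,
            "hardened_wrote_inside_files": os.path.isfile(good)
            and good.startswith(os.path.realpath(files_dir) + os.sep),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The check resolves the joined path before comparing, rather than scanning the name for ".." substrings: the latter misses absolute names, mixed separators and symlinks, and a plain string-prefix test would accept a sibling directory whose name merely starts with the base.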

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

A public proof of concept exists. Exploitation needs a local foothold on the device, so no remote attacker can use it directly; whether user interaction is needed depends on how the malicious input is delivered to the app.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is available and the vendor did not respond to disclosure. Uninstall the application until a fixed version is released.

🔧 Temporary Workarounds

Uninstall vulnerable application

android

Remove the vulnerable application from all Android devices

adb uninstall com.rocks.music.videoplayer
Manual uninstall via Android Settings > Apps

Restrict app permissions

android

Revoke storage and any other permissions the app does not need (Settings > Apps > HD Video Player All Formats > Permissions). This narrows where a traversed write can land; it does not remove the bug, so the app's own private data remains exposed.

🧯 If You Can't Patch

  • On devices that must keep the app, do not sideload or install apps from unknown sources: a co-installed malicious app is the realistic attacker for a local-only flaw, and the player's own data is what it can reach
  • Put those devices under MDM/EDR with file-access telemetry and keep backups of the media and settings the app holds, so an overwrite is noticed and recoverable

🔍 How to Verify

Check if Vulnerable:

Open Settings > Apps and look for 'HD Video Player All Formats' (package com.rocks.music.videoplayer); version 12.1.372 is the affected build. With adb the same check is:

Check Version:

adb shell dumpsys package com.rocks.music.videoplayer | grep versionName

Verify Fix Applied:

Confirm the app is no longer installed, or that a vendor-released fixed version is installed. None has been published at the time of writing, and an older build is not a fix.

📡 Detection & Monitoring

Log Indicators:

  • File writes by com.rocks.music.videoplayer to paths containing ".." components, or landing outside /data/data/com.rocks.music.videoplayer/ and the external-storage paths it has been granted
  • SELinux denials for the app in logcat ("avc: denied" lines carrying its process or UID) when a write strays where the sandbox does not allow it
  • Application crashes or permission errors right after another app has handed it a file

Such records only exist if an on-device agent (mobile EDR/MDM) or logcat collection is in place; stock Android does not ship per-app file-access logs to a SIEM.

Network Indicators:

  • No network indicators - local attack only

SIEM Query:

process.name:"com.rocks.music.videoplayer" AND (file.path:".." OR file.path:"/system" OR (file.path:"/data/data" AND NOT file.path:"/data/data/com.rocks.music.videoplayer"))

The parentheses matter: AND binds tighter than OR in most query languages, so without them the query matches every process that touches /system or /data/data. The app's own private directory is under /data/data, so it is excluded to stop the query firing on the app's normal writes.
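The version check and the detection rule above, as an added example that is not code from the page's vendor or from any SIEM product: the first function pulls versionName for the package out of `adb shell dumpsys package` output and compares it with the affected version; the second applies the detection logic over file-access events with the intended precedence and with the app's own data directory excluded. The dumpsys excerpt and the event records are constructed for the demo, and their field layout is an assumption, since real telemetry comes from whatever mobile EDR/MDM agent is in use.

```python
import re
from typing import List, Optional, Tuple

VULNERABLE_PACKAGE = "com.rocks.music.videoplayer"
VULNERABLE_VERSIONS = {"12.1.372"}          # the only version the advisory lists
OWN_DATA_DIR = f"/data/data/{VULNERABLE_PACKAGE}/"

# Constructed excerpt in the shape of `adb shell dumpsys package <pkg>`;
# the hash, userId, versionCode and timestamp are made up.
SAMPLE_DUMPSYS = """\
Packages:
  Package [com.rocks.music.videoplayer] (3f2a9c1):
    userId=10234
    codePath=/data/app/com.rocks.music.videoplayer-1
    versionCode=1372 minSdk=23 targetSdk=34
    versionName=12.1.372
    timeStamp=2025-10-01 09:12:44
"""


def installed_version(dumpsys_output: str, package: str) -> Optional[str]:
    """Return versionName for `package`, or None if its block is absent.
    The regex anchors on the package's own "Package [...]" header so a
    similarly named package (e.g. a ".pro" variant) is not mistaken for it."""
    header = re.escape(f"Package [{package}]")
    block = re.search(rf"{header}.*?(?=\n\s*Package \[|\Z)", dumpsys_output, re.S)
    if not block:
        return None
    m = re.search(r"^\s*versionName=(\S+)", block.group(0), re.M)
    return m.group(1) if m else None


def is_vulnerable(dumpsys_output: str, package: str = VULNERABLE_PACKAGE) -> bool:
    """True only when the installed build is one the advisory lists."""
    return installed_version(dumpsys_output, package) in VULNERABLE_VERSIONS


Event = Tuple[str, str]   # (process name, file path); field layout assumed


def suspicious_file_event(process: str, path: str) -> bool:
    """Detection logic with the intended precedence: the process condition
    applies to every path condition, and writes inside the app's own data
    directory (its normal behaviour) are not flagged."""
    if process != VULNERABLE_PACKAGE:
        return False
    if ".." in path.split("/"):                      # traversal component
        return True
    if path.startswith("/system/"):                  # read-only partition
        return True
    if path.startswith("/data/data/") and not path.startswith(OWN_DATA_DIR):
        return True                                  # another app's private data
    return False


def flag_events(events: List[Event]) -> List[Event]:
    return [e for e in events if suspicious_file_event(*e)]


# Constructed events: only the second and third should fire. The last one is
# what the unparenthesised query would have matched.
SAMPLE_EVENTS: List[Event] = [
    (VULNERABLE_PACKAGE, OWN_DATA_DIR + "files/video.mp4"),
    (VULNERABLE_PACKAGE, OWN_DATA_DIR + "files/../shared_prefs/settings.xml"),
    (VULNERABLE_PACKAGE, "/data/data/com.other.app/files/x"),
    ("com.android.systemui", "/system/framework/framework-res.apk"),
]


if __name__ == "__main__":
    print("vulnerable build installed:", is_vulnerable(SAMPLE_DUMPSYS))
    for proc, path in flag_events(SAMPLE_EVENTS):
        print("ALERT", proc, path)
```

Feed installed_version the captured output of `adb shell dumpsys package com.rocks.music.videoplayer` from each device; a None result means the package is not present, which is the only state a fleet can currently verify as safe.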
