CVE-2025-55622

6.5 MEDIUM

📋 TL;DR

This CVE describes a task hijacking vulnerability in Reolink software where inappropriate taskAffinity settings could allow malicious apps to intercept legitimate app tasks. This affects users of Reolink's mobile applications on Android devices. The vendor disputes this as a vulnerability, claiming it's intentional behavior for user experience.

💻 Affected Systems

Products:
  • Reolink mobile applications
Versions: v4.54.0.4.20250526 (the only version named in the advisory)
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Vendor disputes this as a vulnerability, claiming it's intentional design. Requires malicious app installation on same Android device.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Malicious app could intercept sensitive camera feeds, credentials, or control commands, potentially leading to unauthorized surveillance or account compromise.

🟠 Likely Case

Limited data exposure through task interception, potentially revealing some app state information to malicious applications.

🟢 If Mitigated

Minimal impact with proper Android security controls and app isolation mechanisms in place.

🌐 Internet-Facing: LOW - Requires local malicious app installation, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Requires user to install malicious app from untrusted sources on same device.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires malicious app development and user installation. No public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not applicable - vendor disputes vulnerability

Vendor Advisory: None provided

Restart Required: No

Instructions:

No official patch, as the vendor disputes that this is a vulnerability. Consider updating to the latest Reolink app version if one is available.
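The TL;DR attributes the issue to an activity's taskAffinity setting; as an added illustration of the manifest-level control involved (not code from Reolink or this advisory, and the package and activity names are placeholders), this shows the default affinity beside the hardened form a developer would use for sensitive activities:

```xml
<!-- Added example; package and activity names are placeholders, not Reolink's. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.placeholder">
  <application>
    <!-- Default: with no taskAffinity set, the activity's affinity is the
         package name. Any app that declares the same affinity string can
         have its own activity placed into this task, which is the
         task-hijacking pattern the advisory describes. -->
    <activity android:name=".LoginActivity"
        android:exported="false" />

    <!-- Hardened: an empty affinity means the activity has no affinity at all,
         so it is never grouped into a task created by another application
         and a foreign activity cannot be inserted ahead of it. -->
    <activity android:name=".LoginActivityHardened"
        android:taskAffinity=""
        android:exported="false" />
  </application>
</manifest>
```

Setting taskAffinity="" on each activity that handles credentials or camera streams is the per-activity fix; it changes nothing for users until the vendor ships it, which is why the workarounds below are device-side.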

🔧 Temporary Workarounds

Restrict app installation sources (android): only install apps from the official Google Play Store to reduce the risk of malicious apps.

Review app permissions (android): regularly review and restrict unnecessary app permissions on the Android device.

🧯 If You Can't Patch

  • Monitor for suspicious app behavior and unauthorized access attempts
  • Implement mobile device management (MDM) controls to restrict app installations

🔍 How to Verify

Check if Vulnerable:

Check Reolink app version in Android settings > Apps > Reolink > App info

Check Version:

Not applicable - check through Android UI

Verify Fix Applied:

Update to latest Reolink app version from official app store

📡 Detection & Monitoring

Log Indicators:

  • Unusual app task switching or interception events in Android logs

Network Indicators:

  • Not applicable - local exploitation only

SIEM Query:

Not applicable for typical enterprise monitoring
