CVE-2026-3675

5.3 MEDIUM

📋 TL;DR

This vulnerability in Freedom Factory dGEN1 allows local attackers to bypass authorization controls through manipulation of the FakeAppReceiver function. It affects systems running dGEN1 up to version 20260221. The exploit requires local access and has been publicly disclosed.

💻 Affected Systems

Products:
  • Freedom Factory dGEN1
Versions: Up to 20260221
Operating Systems: Android (based on component org.ethosmobile.ethoslauncher)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the ethoslauncher component on Android devices running dGEN1.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local privilege escalation allowing unauthorized access to sensitive functions or data within the application.

🟠 Likely Case

Unauthorized local users gaining access to application features or data they shouldn't have permissions for.

🟢 If Mitigated

Limited impact due to local-only requirement and proper access controls on the host system.

🌐 Internet-Facing: LOW - Attack requires local access, cannot be exploited remotely.
🏢 Internal Only: MEDIUM - Local users could exploit this to bypass application authorization controls.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires local access and manipulation of the FakeAppReceiver function. Public disclosure increases likelihood of weaponization.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available - vendor did not respond to disclosure

Restart Required: No

Instructions:

No official patch available. Consider alternative security measures.

🔧 Temporary Workarounds

Application Removal

Platform: android

Remove or disable the vulnerable dGEN1 application from affected devices:

adb uninstall org.ethosmobile.ethoslauncher

Access Restriction

Platform: all

Restrict local access to devices running the vulnerable application.

🧯 If You Can't Patch

  • Implement strict physical security controls to prevent unauthorized local access
  • Monitor for suspicious local activity on devices running dGEN1

🔍 How to Verify

Check if Vulnerable:

Check if dGEN1 version is 20260221 or earlier on Android devices

Check Version:

adb shell dumpsys package org.ethosmobile.ethoslauncher | grep versionName

Verify Fix Applied:

Verify dGEN1 has been removed or updated beyond version 20260221

📡 Detection & Monitoring

Log Indicators:

  • Unusual local process manipulation
  • Unauthorized access attempts to ethoslauncher functions

Network Indicators:

  • None - local-only vulnerability

SIEM Query:

Process execution logs showing manipulation of org.ethosmobile.ethoslauncher components
