Description

One of the activities in the application manifest is configured with launchMode=singleTask, this configuration is insecure because it opens the possibility that the application is vulnerable to Task Hijacking.

Impact

- Mislead the user with a malicious application that impersonates the applications functionalities. - Install malicious application on the application users device.

Recommendation

Configure the launchMode with the singleInstance option.

Threat

Unauthorized user with access to the application.

Expected Remediation Time

⏱️ 60 minutes.

Requirements

Fixes