Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw

Several popular Android apps, including Xiaomi File Manager and WPS Office, were found vulnerable to a path traversal flaw that could allow malicious apps to overwrite files, leading to potential unauthorized access and data theft. Microsoft's Threat Intelligence team highlighted the risks of arbitrary code execution and token theft due to this vulnerability. Following responsible disclosure, Xiaomi and WPS Office have addressed the issue, but broader concerns remain about similar vulnerabilities in other apps.