Millions of AirDroid,a device manager app users were left vulnerable to phone data hijacking attacks.
Any attacker could exploit the vulnerability by sending the target a text message from a saved contact that is ‘inserted’ inside the AirDroid interface.
Anyone could be targeted using innocent contact card (vCard) containing malicious code via any service (MMS/WhatsApp/email/etc.) with a phone number associated with the targeted account.
However, in the end of January 2016, AirDroid released an update that contained a fix for the vulnerability.
Source: https://grahamcluley.com/airdroid-patches-vulnerability-exposed-millions-users-phone-data-hijacking/
"id": "AIR121917522",
"linkid": "airdroidbusiness",
"type": "Vulnerability",
"date": "01/2016",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"