Insights At a Glance:
- Boomplay version 7.4.51 (released Feb 2025) contains a high-severity security flaw.
- The issue, logged as CVE-2025-6172, could allow unauthorized actions on your phone.
- Itβs already been fixed β just update the app to the latest version.
TECNO Mobile has published a new security advisory targeting users of the Boomplay app, warning of a high-risk vulnerability discovered in version 7.4.51 β an update that many users may still have installed on their phones.
The issue, officially filed under CVE-2025-6172, affects the app package com.afmobi.boomplayer and has been classified as βHighβ severity due to the risk of unauthorized operations being performed on a userβs device.
This means certain malicious apps or bad actors could potentially exploit the vulnerability to perform actions on your phone without your knowledge β actions you definitely didnβt approve.
So, whatβs going on?
The vulnerability stems from a permissions flaw that falls under the CWE-287: Improper Authentication category. Simply put, the app wasnβt strict enough in checking who gets to do what β and thatβs a problem when your data, your apps, and your deviceβs integrity are at stake.
TECNO’s advisory specifically names version 7.4.51 as the affected release. That version was rolled out back in February 2025, and chances are high that some users still havenβt updated β especially in regions where auto-updates are turned off or where data-saving habits lead users to delay manual updates.
Make tech-ish your favourite news source
Star tech-ish.com on Google. We move up your daily feed.
Is there a fix?
Yes β the vulnerability has already been patched in newer versions of the app. All users need to do is update Boomplay via the Google Play Store to eliminate the risk.
TECNO credited the discovery of the flaw to a security researcher who goes by the handleΒ iiiiiinv. Their contribution ensured the vulnerability was fixed before it could cause widespread damage.
Why this matters
App updates often come with vague changelogs β βbug fixes and performance improvementsβ β but every now and then, an update patches a major security issue like this one. Unfortunately, most users donβt realize the danger in sticking with outdated versions of their favourite apps.
In this case, Boomplayβs popularity β especially on TECNO devices across Africa β means there could still be thousands of users walking around with a vulnerable version, completely unaware.
