Description
An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.
Published: 2026-04-01
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Potential for arbitrary code execution or information exposure through file overwrite
Action: Immediate patch
AI Analysis

Impact

The vulnerability is an arbitrary file overwrite flaw (CWE‑73) in Deep Thought Industries ACE Scanner PDF Scanner version 1.4.5. By manipulating the file import process, an attacker can replace critical internal files, which may enable arbitrary code execution or reveal sensitive information contained within the application.

Affected Systems

The affected product is the Deep Thought Industries ACE Scanner PDF Scanner for Android, version 1.4.5; this is the only version listed in the provided CPE string.

Risk and Exploitability

The CVSS score is 8.4, indicating high severity, while the EPSS score is below 1%, implying a lower probability of exploitation in the short term. This vulnerability is not listed in the CISA KEV catalog. The likely attack vector is application‑level, requiring the attacker to supply a crafted PDF file that a user imports into the application; this inference is based on the description of the file import process and is not directly stated in the input.

Generated by OpenCVE AI on April 2, 2026 at 22:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the vendor’s website or app store for an updated version and install it immediately.
  • If a patch is unavailable, discontinue use of the application or uninstall it to prevent the exploit.
  • Avoid importing PDFs from untrusted or unknown sources until the issue is resolved.
  • Contact Deep Thought Industries for remediation guidance or a workaround.

Generated by OpenCVE AI on April 2, 2026 at 22:39 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
Title Arbitrary File Overwrite in Deep Thought Industries ACE Scanner PDF Scanner 1.4.5
First Time appeared Deepthought.industries pdf Scanner
Vendors & Products Deepthought.industries pdf Scanner

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Title Arbitrary File Overwrite in Deep Thought Industries ACE Scanner PDF Scanner 1.4.5
First Time appeared Deepthought.industries
Deepthought.industries ace Scanner
CPEs cpe:2.3:a:deepthought.industries:ace_scanner:1.4.5:*:*:*:*:android:*:*
Vendors & Products Deepthought.industries
Deepthought.industries ace Scanner

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.
Weaknesses CWE-73
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Subscriptions

Deepthought.industries Ace Scanner Pdf Scanner
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-01T19:12:34.843Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30287

cve-icon Vulnrichment

Updated: 2026-04-01T19:10:55.575Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-01T14:16:49.777

Modified: 2026-04-02T19:37:43.627

Link: CVE-2026-30287

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-03T09:19:18Z

Weaknesses