On 17 January, a security researcher found a vulnerability in an Android application known as “ES File Explorer File Manager” (CVE-2019-6447). The application is commonly used for managing files on devices running the Android operating system.
The application only needs to be run once for the vulnerability to be active. Once launched, the application starts a web server on port number 59777 in the background, and allows attackers on the same network to gain access and download files that are stored in the compromised device.
• ES File Explorer File Manager ver 18.104.22.168.4 and older versions
• ES File Explorer/Manager Pro ver Pro 22.214.171.124 and older versions
Successful exploitation of this vulnerability could result in the disclosure of sensitive information as an attacker can remotely launch applications and access all files in the device.
The vulnerability has been fixed and the updated version of the application will be released shortly. SingCERT recommends that users of the application take the following actions:
• Check the Google Play Store and update the application once the new version is released.
• In the meantime, avoid using the application when their device is connected to an unsecured network (e.g. public Wi-Fi).
• Consider using alternative File Manager applications. See reference  for possible alternatives.
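
To confirm whether the background web server described above is listening on a device, the kernel's socket table can be checked for port 59777. The sketch below is an added example, not part of the original advisory or the application's code; it assumes the text of the device's `/proc/net/tcp` has already been obtained, and the sample table and function names are constructed for illustration.

```python
import ipaddress

ES_PORT = 59777      # port named in the advisory (0xE981 in the socket table)
TCP_LISTEN = "0A"    # kernel state code for a listening socket

# Constructed sample in /proc/net/tcp format (not captured from a real device).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10093        0 41211
   1: 00000000:E981 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10142        0 52310
   2: 6401A8C0:E981 6501A8C0:C350 01 00000000:00000000 00:00000000 00000000 10142        0 52377
"""


def decode_endpoint(field):
    """Turn 'HEXADDR:HEXPORT' into (IPv4Address, port)."""
    addr_hex, port_hex = field.split(":")
    # The address is a 32-bit value printed in little-endian byte order
    # on ARM and x86, so the bytes are reversed before parsing.
    addr = ipaddress.IPv4Address(bytes.fromhex(addr_hex)[::-1])
    return addr, int(port_hex, 16)


def find_exposed_listeners(proc_net_tcp, port=ES_PORT):
    """Return listening sockets on `port`, noting whether they are
    bound to an address other hosts on the network can reach."""
    findings = []
    for line in proc_net_tcp.splitlines()[1:]:      # skip the header row
        cols = line.split()
        if len(cols) < 8 or cols[3] != TCP_LISTEN:
            continue                                # not a listening socket
        addr, local_port = decode_endpoint(cols[1])
        if local_port == port:
            findings.append({
                "address": str(addr),
                "uid": int(cols[7]),                # UID of the owning app
                "reachable_from_network": not addr.is_loopback,
            })
    return findings


if __name__ == "__main__":
    for finding in find_exposed_listeners(SAMPLE_PROC_NET_TCP):
        print(finding)
```

This handles the IPv4 table only; a listener bound through an IPv6 socket appears in `/proc/net/tcp6`, which uses a longer address encoding and needs a separate decoder.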