We have had a brief introduction about Android application components in Chapter 3, Fundamental Building Blocks of Android Apps. This section of this chapter explains various attacks that are possible against Android application components. It is recommended to read Chapter 3, Fundamental Building Blocks of Android Apps to better understand these concepts.
Exported activities is one of the common issues with Android application components that we usually come across during penetration tests. An activity that is exported can be invoked by any application sitting on the same device. Imagine a situation where an application has had sensitive activity exported and the user has also installed a malicious app that invokes this activity whenever he connects his charger. This is what is possible when apps have unprotected activities with sensitive functionality.