@@ -240,8 +240,10 @@ def backdoor_apk(apkfile, raw_payload, signature = true, manifest = true, apk_da
     check_apktool_output_for_exceptions(check_apktool)
 
     apktool_version = Rex::Version.new(check_apktool.split("\n").first.strip)
-    min_required_apktool_version = Rex::Version.new('2.7.0')
+    min_required_apktool_version = Rex::Version.new('2.9.2')
     unless apktool_version >= min_required_apktool_version
+      # technically MSF supports 2.7.0+ but versions < 2.9.2 are vulnerable to CVE-2024-21633
+      # see: https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-2hqv-2xv4-5h5w
       raise RuntimeError, "apktool version #{apktool_version} not supported, please download at least version #{min_required_apktool_version}."
     end
 
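Review bot: The `raise` message on the new side still reads as a plain compatibility failure, so a user who hits it with apktool 2.7.x or 2.8.x has no hint that the floor was raised for a security reason and may be tempted to patch the check out locally. Consider naming the reason in the message, e.g. `raise RuntimeError, "apktool version #{apktool_version} not supported (versions before #{min_required_apktool_version} are affected by CVE-2024-21633), please download at least version #{min_required_apktool_version}."`. The two explanatory comment lines would also read better directly above the `min_required_apktool_version = Rex::Version.new('2.9.2')` assignment, since they justify the constant rather than the branch. Separately, the context line that parses `check_apktool.split("\n").first.strip` presumably fails with an unrelated error if the first output line is missing or is not a bare version string; that fails closed, but a dedicated message would help. The body of `backdoor_apk` starts and continues outside this hunk.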