CVE-2025-1298

Summary

Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of account takeover.

Affected Software

VendorProductVersion RangeStatus
TECNOcom.transsion.carlcare6.2.8.1affected

Weaknesses

  • CWE-290: CWE-290 Authentication Bypass by Spoofing

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References