CVE-2025-14020

Summary

LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security Toast notification is not properly re-displayed when users return from another application, potentially allowing attackers to conduct phishing attacks by impersonating legitimate interfaces.

Affected Software

VendorProductVersion RangeStatus
LINE CorporationLINE client for Android10.0 < 14.20affected

Weaknesses

  • na

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References