CVE-2025-2190

Summary

The mobile application (com.transsnet.store) has a man-in-the-middle attack vulnerability, which may lead to code injection risks.

Affected Software

VendorProductVersion RangeStatus
TECNOcom.transsnet.store9.1.0 < 9.2.6affected

Weaknesses

  • CWE-297: CWE-297 Improper Validation of Certificate with Host Mismatch

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References