CVE-2025-23405

Summary

Unauthenticated log effects metrics gathering incident response efforts and potentially exposes risk of injection attacks (ex log injection).

Affected Software

VendorProductVersion RangeStatus
Dario HealthUSB-C Blood Glucose Monitoring System Starter Kit Android Applications0 < 5.8.7.0.36affected
Dario HealthDario Application Database and Internet-based Server InfrastructureAll versionsaffected

Weaknesses

  • CWE-117: CWE-117

Workarounds

Dario Health recommends users perform the following mitigations: 

  • Update the application from trusted sources. 

  • Don't use rooted/jailbroken devices. 

  • Avoid public untrusted network. 

  • For more information contact Dario Health https://www.dariohealth.com/contact/  directly.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References