CVE-2025-24318

Summary

Cookie policy is observable via built-in browser tools. In the presence of XSS, this could lead to full session compromise.

Affected Software

VendorProductVersion RangeStatus
Dario HealthDario Application Database and Internet-based Server InfrastructureAll versionsaffected

Weaknesses

  • CWE-1004: CWE-1004

Workarounds

Dario Health recommends users perform the following mitigations: 

  • Update the application from trusted sources. 

  • Don't use rooted/jailbroken devices. 

  • Avoid public untrusted network. 

  • For more information contact Dario Health https://www.dariohealth.com/contact/  directly.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References