CVE-2025-24843

Summary

Insecure file retrieval process that facilitates potential for file manipulation to affect product stability and confidentiality, integrity, authenticity, and attestation of stored data.

Affected Software

VendorProductVersion RangeStatus
Dario HealthUSB-C Blood Glucose Monitoring System Starter Kit Android Applications0 < 5.8.7.0.36affected
Dario HealthDario Application Database and Internet-based Server InfrastructureAll versionsaffected

Weaknesses

  • CWE-921: CWE-921

Workarounds

Dario Health recommends users perform the following mitigations: 

  • Update the application from trusted sources. 

  • Don't use rooted/jailbroken devices. 

  • Avoid public untrusted network. 

  • For more information contact Dario Health https://www.dariohealth.com/contact/  directly.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References