CVE-2025-58781

Summary

WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle attacker to monitor encrypted traffic.

Affected Software

VendorProductVersion RangeStatus
Wireless Tsukamoto Co., Ltd.WTW-EAGLE App for iOSprior to 4.4.1affected
Wireless Tsukamoto Co., Ltd.WTW-EAGLE App for Androidprior to 4.4.0.10affected

Weaknesses

  • CWE-295: Improper certificate validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References