CVE-2025-60022

Summary

Improper certificate validation vulnerability exists in 'デジラアプリ' App for iOS prior to ver.80.10.00. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to eavesdrop on and/or tamper with an encrypted communication.

Affected Software

VendorProductVersion RangeStatus
KDDI CORPORATION‘デジラアプリ’ App for iOSprior to ver.80.10.00affected

Weaknesses

  • CWE-295: Improper certificate validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References