CVE-2025-2909

Medium CVSS: 6.9

The lack of encryption in the DuoxMe (formerly Blue) application binary in versions prior to 3.3.1 for iOS devices allows an attacker to gain unauthorised access to the application code and discover sensitive information.

Vendor

Product

CWE

CWE-312

Yayın Tarihi

2025-03-28 13:15:41

Güncelleme

2025-03-28 18:11:40

Source Identifier

cve-coordination@incibe.es

KEV Date Added

Kategoriler

CWE-312 MEDIUM 2025

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fermax-mobile-applications