CVE-2025-23405 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Improper Output Neutralization For Logs

🗓️ 28 Feb 2025 16:54:01Reported by icscertType

CVE-2025-23405 exposes USB-C Blood Glucose app to log injection risks, impacting incident response.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-23405	28 Feb 202519:32	–	circl
CNNVD	Dario Health USB-C Blood Glucose Monitoring System 安全漏洞	28 Feb 202500:00	–	cnnvd
CVE	CVE-2025-23405	28 Feb 202516:54	–	cve
EUVD	EUVD-2025-5940	3 Oct 202520:07	–	euvd
NVD	CVE-2025-23405	28 Feb 202517:15	–	nvd
Positive Technologies	PT-2025-9116 · Dario Health · Dario Application Database/Internet-Based Server Infrastructure +1	28 Feb 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-23405	2 Mar 202517:19	–	redhatcve
Vulnrichment	CVE-2025-23405 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Improper Output Neutralization For Logs	28 Feb 202516:54	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "USB-C Blood Glucose Monitoring System Starter Kit Android Applications",
    "vendor": "Dario Health",
    "versions": [
      {
        "lessThan": "5.8.7.0.36",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Dario Application Database and Internet-based Server Infrastructure",
    "vendor": "Dario Health",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  }
]

Source	Link
dariohealth	www.dariohealth.com/contact/
cisa	www.cisa.gov/news-events/ics-medical-advisories/icsma-25-058-01

28 Feb 2025 16:54Current

CVSS 3.15.3

CVSS 46.9

EPSS0.00131

CWE-117