CVE-2025-24843 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Storage of Sensitive Data in a Mechanism without Access Control

🗓️ 28 Feb 2025 16:56:11Reported by icscertType

Insecure storage in Dario Health USB-C Blood Glucose Monitoring App allows data manipulation risks.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-24843	28 Feb 202519:32	–	circl
CNNVD	Dario Health 安全漏洞	28 Feb 202500:00	–	cnnvd
CVE	CVE-2025-24843	28 Feb 202516:56	–	cve
EUVD	EUVD-2025-5936	3 Oct 202520:07	–	euvd
NVD	CVE-2025-24843	28 Feb 202517:15	–	nvd
Positive Technologies	PT-2025-9119 · Dario Health · Dario Application Database/Internet-Based Server Infrastructure +1	28 Feb 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-24843	2 Mar 202517:19	–	redhatcve
Vulnrichment	CVE-2025-24843 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Storage of Sensitive Data in a Mechanism without Access Control	28 Feb 202516:56	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "USB-C Blood Glucose Monitoring System Starter Kit Android Applications",
    "vendor": "Dario Health",
    "versions": [
      {
        "lessThan": "5.8.7.0.36",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Dario Application Database and Internet-based Server Infrastructure",
    "vendor": "Dario Health",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  }
]

Source	Link
dariohealth	www.dariohealth.com/contact/
cisa	www.cisa.gov/news-events/ics-medical-advisories/icsma-25-058-01

28 Feb 2025 16:56Current

CVSS 3.15.1

CVSS 45.1

EPSS0.0004

CWE-921