216.73.216.215

CVE-2025-5154

· Published 25/05/2025 19:15 · Modified 25/05/2025 19:15

Labels: CVE-2025-5154 2025-05-25CVE-2025-5154CWE-312[email protected]

Essential information

Published
25/05/2025 19:15
Modified
25/05/2025 19:15
Author
Creator
CVSS
4.6 MEDIUM (v3) 4.6 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability, which was classified as problematic, was found in PhonePe App 25.03.21.0 on Android. Affected is an unknown function of the file /data/data/com.phonepe.app/databases/ of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
phonepe / phonepe app cpe:2.3:a:phonepe:phonepe_app:25.03.21.0:*:*:*:*:*:*:*
sqlite / sqlite cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*

References