216.73.217.50

CVE-2025-9135

· Published 19/08/2025 11:15 · Modified 19/08/2025 14:15

Labels: CVE-2025-9135 2025-08-19CVE-2025-9135CWE-926[email protected]

Essential information

Published
19/08/2025 11:15
Modified
19/08/2025 14:15
Author
Creator
CVSS
4.8 MEDIUM (v3) 4.8 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer and BusBahnBim up to 12.1.1(258). The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of android application components. The attack must be initiated from a local position. The exploit is now public and may be used. Upgrading to version 12.1.2(259) is sufficient to resolve this issue. Upgrading the affected component is recommended.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
verkehrsauskunft österreich / smart ride cpe:2.3:a:verkehrsauskunft_österreich:smart_ride:*:*:*:*:*:*:*:*
verkehrsauskunft österreich / clevv ver cpe:2.3:a:verkehrsauskunft_österreich:clevv_ver:*:*:*:*:*:*:*:*
verkehrsauskunft österreich / busbahn bim cpe:2.3:a:verkehrsauskunft_österreich:busbahn_bim:*:*:*:*:*:*:*:*

References