CVE-2025-0352

Published Feb 20, 2025

Last updated 3 months ago

Overview

Description
Rapid Response Monitoring My Security Account App utilizes an API that could be exploited by an attacker to modify request data, potentially causing the API to return information about other users.
Source
ics-cert@hq.dhs.gov
NVD status
Deferred

Risk scores

CVSS 4.0

Type
Secondary
Base score
8.7
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

CVSS 3.1

Type
Secondary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

ics-cert@hq.dhs.gov
CWE-639

Social media

Hype score
Not currently trending
  1. Actively exploited CVE : CVE-2025-0352

    @transilienceai

    3 Mar 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. Actively exploited CVE : CVE-2025-0352

    @transilienceai

    2 Mar 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. Actively exploited CVE : CVE-2025-0352

    @transilienceai

    1 Mar 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. Actively exploited CVE : CVE-2025-0352

    @transilienceai

    28 Feb 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  5. Actively exploited CVE : CVE-2025-0352

    @transilienceai

    28 Feb 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  6. ๐Ÿšจ CVE-2025-0352 ๐Ÿ”ด HIGH (7.5) ๐Ÿข Rapid Response Monitoring - My Security Account App API ๐Ÿ—๏ธ 0 ๐Ÿ”— https://t.co/3ofZ1veDKn ๐Ÿ”— https://t.co/atGeBkAUfL #CyberCron #VulnAlert https://t.co/MxYipY7IZY

    @cybercronai

    22 Feb 2025

    16 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. โš ๏ธ Vulnerability Alert: User Identification Information Manipulation Leading to Privilege Check Bypass ๐Ÿ“… Timeline: Disclosure: 2025-02-20 Patch: 2025-02-20 ๐Ÿ“Œ Attribution: Reported by security researcher kbots. ๐Ÿ†” cveId: CVE-2025-0352 ๐Ÿ“Š baseScore: 7.5 (CVSS v3.1) ๐Ÿ“โ€ฆ https

    @syedaquib77

    21 Feb 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. โš ๏ธ Vulnerability Alert: Authorization Bypass Through User-Controlled Key ๐Ÿ“… Timeline: Disclosure: 2025-02-13 ๐Ÿ“Œ Attribution: ๐Ÿ†”cveId: CVE-2025-0352 ๐Ÿ“ŠbaseScore: 8.7 ๐Ÿ“cvssMetrics: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N cvssSeverity: High ๐ŸŸ โ€ฆ https://t.co/4aj1

    @syedaquib77

    21 Feb 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. [CVE-2025-0352: HIGH] Stay vigilant! The My Security Account App faces a security risk due to an exploitable API. Attackers can modify data, potentially accessing info of other users. #cybersecurity#cybersecurity,#vulnerability https://t.co/UVRHFF7tJV https://t.co/RhAfAHX23Z

    @CveFindCom

    20 Feb 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CVE-2025-0352 Rapid Response Monitoring My Security Account App utilizes an API that could be exploited by an attacker to modify request data, potentially causing the API to return iโ€ฆ https://t.co/eEDdwUCGaW

    @CVEnew

    20 Feb 2025

    388 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes