- Description
- This vulnerability exists in the Meon KYC solutions due to transmission of sensitive data in plain text within the response payloads of certain API endpoints. An authenticated remote attacker could exploit this vulnerability by intercepting API response that contains unencrypted sensitive information belonging to other users. Successful exploitation of this vulnerability could allow remote attacker to impersonate the target user and gain unauthorized access to the user account.
- Source
- vdisclose@cert-in.org.in
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- vdisclose@cert-in.org.in
- CWE-319
- Hype score
- Not currently trending
🚨 CVE-2025-42603 🔴 HIGH (8.7) 🏢 Meon - KYC solutions 🏗️ 1.1 🔗 https://t.co/44H5i0Sgr5 #CyberCron #VulnAlert #InfoSec https://t.co/RtSS9eraol
@cybercronai
23 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-42603 Sensitive Data Exposure in Meon KYC Solutions via Unencrypted API Responses https://t.co/dULmRsEe82
@VulmonFeeds
23 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-42603 | Meon KYC Solutions 1.1 API Endpoint cleartext transmission (CIVN-2025-0082)) has been published on https://t.co/ymC14STYfG
@WolfgangSesin
23 Apr 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-42603: HIGH] Vulnerability found in Meon KYC solutions due to plain text data transmission in API responses, leading to potential unauthorized access and user impersonation risks.#cve,CVE-2025-42603,#cybersecurity https://t.co/jDi4wzPIOE https://t.co/b0htBHjSpJ
@CveFindCom
23 Apr 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-42603 This vulnerability exists in the Meon KYC solutions due to transmission of sensitive data in plain text within the response payloads of certain API endpoints. An auth… https://t.co/6iBqBWCzZs
@CVEnew
23 Apr 2025
427 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes