CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-1298: Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of account takeover.
Description
Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of account takeover.
Classification
CVE ID: CVE-2025-1298
Affected Products
Vendor: TECNO
Product: com.transsion.carlcare
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.99% (scored less or equal to compared to others)
EPSS Date: 2025-03-15 (when was this score calculated)
References
https://security.tecno.com/SRC/blogdetail/383?lang=en_UShttps://security.tecno.com/SRC/securityUpdates