Rooting Detection Vulnerability in Union Bank of India Vyom on Android
CVE-2025-0575

1.8LOW

Key Information:

Vendor

Union Bank Of India

Status
Vyom
Vendor
CVE Published:
19 January 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-0575?

A vulnerability has been identified in the Union Bank of India's Vyom 8.0.34 application on Android, specifically within its rooting detection component. This vulnerability allows for a failure in the application's protection mechanisms, potentially exposing the device to unauthorized access. The nature of the attack requires local interaction, and while the complexity of exploiting this vulnerability is high, the exploit has been made public, raising concerns for users. The vendor was informed about this issue, but there has been no acknowledgment or response regarding the potential risks involved, making it critical for users to be aware of this vulnerability and take preventive measures.

Affected Version(s)

Vyom 8.0.34

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-0575 - Proof of Concept

References

https://vuldb.com/?id.292540
vdb-entry
https://vuldb.com/?ctiid.292540
signaturepermissions-required
https://vuldb.com/?submit.475733
third-party-advisory

CVSS V4

Score:
1.8
Severity:
LOW
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

Credit

Mustafa_alotwala (VulDB User)
.