Man-in-the-Middle Attack Vulnerability in Transsnet Mobile Application
CVE-2025-2190

8.1HIGH

Key Information:

Vendor: Tecno
Status: Com.transsnet.store
Vendor: CVE Published:; 11 March 2025

What is CVE-2025-2190?

The Transsnet mobile application is susceptible to a man-in-the-middle attack, which enables attackers to intercept and manipulate communications between the user and the application. This vulnerability can potentially allow malicious actors to execute code injection attacks, compromising user data and application integrity. Users are advised to adopt security best practices to mitigate the risks associated with this vulnerability.

Affected Version(s)

com.transsnet.store 9.1.0 < 9.2.6

References

https://security.tecno.com/SRC/blogdetail/393?lang=en_US

https://security.tecno.com/SRC/securityUpdates

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Mar 11, 2025

Tecno

What is CVE-2025-2190?

Affected Version(s)

References

CVSS V3.1

Timeline