Sensitive Information Exposure in Android Application for PAY Region
CVE-2025-52580

2.4LOW

Key Information:

Vendor: Gift Pad Co.,ltd.
Status: "region Pay" App For Android
Vendor: CVE Published:; 22 July 2025

🔔 Create Gift Pad Co.,ltd. Vulnerability Alert

What is CVE-2025-52580?

A vulnerability exists in the PAY App for Android, allowing sensitive user information to be potentially logged and accessible. Versions prior to 1.5.28 are affected, posing a risk of exposure to unauthorized users who gain access to the application logs. This issue highlights the importance of securing application logging practices to prevent data breaches.

Affected Version(s)

"region PAY" App for Android prior to 1.5.28

References

https://jvn.jp/en/jp/JVN07825095/

CVSS V4

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2025
Vulnerability Reserved
Jul 15, 2025