CVE-2025-24316

Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Exposure of Sensitive Information Due to Incompatible Policies

Description

The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe functionality.

Remediation

Solution:

Dario Health recommends users update their Dario Health Android mobile application to the latest version. No other actions are required by users.

Workaround:

Dario Health recommends users perform the following mitigations: * Update the application from trusted sources. * Don't use rooted/jailbroken devices. * Avoid public untrusted network. * For more information contact Dario Health https://www.dariohealth.com/contact/ directly.

References

Link	Tags
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-058-01
https://www.dariohealth.com/contact/

Frequently Asked Questions

What is the severity of CVE-2025-24316?: CVE-2025-24316 has been scored as a medium severity vulnerability.
How to fix CVE-2025-24316?: To fix CVE-2025-24316: Dario Health recommends users update their Dario Health Android mobile application to the latest version. No other actions are required by users.
Is CVE-2025-24316 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-24316 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-24316?: CVE-2025-24316 affects Dario Health Dario Application Database and Internet-based Server Infrastructure.

Description

Remediation

Category

CWE-213 – Exposure of Sensitive Information Due to Incompatible Policies

References

Frequently Asked Questions