CVE-2025-24843

Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Storage of Sensitive Data in a Mechanism without Access Control

Description

Insecure file retrieval process that facilitates potential for file manipulation to affect product stability and confidentiality, integrity, authenticity, and attestation of stored data.

Remediation

Solution:

Dario Health recommends users update their Dario Health Android mobile application to the latest version. No other actions are required by users.

Workaround:

Dario Health recommends users perform the following mitigations: * Update the application from trusted sources. * Don't use rooted/jailbroken devices. * Avoid public untrusted network. * For more information contact Dario Health https://www.dariohealth.com/contact/ directly.

References

Link	Tags
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-058-01
https://www.dariohealth.com/contact/

Frequently Asked Questions

What is the severity of CVE-2025-24843?: CVE-2025-24843 has been scored as a medium severity vulnerability.
How to fix CVE-2025-24843?: To fix CVE-2025-24843: Dario Health recommends users update their Dario Health Android mobile application to the latest version. No other actions are required by users.
Is CVE-2025-24843 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-24843 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-24843?: CVE-2025-24843 affects Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Applications, Dario Health Dario Application Database and Internet-based Server Infrastructure.

Description

Remediation

Category

CWE-921 – Storage of Sensitive Data in a Mechanism without Access Control

References

Frequently Asked Questions