CVE-2025-65820
BaseFortify
Publication date: 2025-12-10
Last updated on: 2025-12-17
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| meatmeet | meatmeet | 1.1.2.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Meatmeet Android Mobile Application version 1.1.2.0, where an exported activity can be triggered to open a hidden page not accessible through normal app navigation. This hidden page lists several devices that can be added to a user's account, including two devices that have not been publicly released. An attacker exploiting this vulnerability can gain information about these unreleased devices.
How can this vulnerability impact me? :
The impact of this vulnerability is that an attacker can gain unauthorized insight into unreleased Meatmeet devices by accessing a hidden page within the app. This could lead to information disclosure about upcoming products, potentially harming the company's competitive advantage or leading to other security concerns related to device information exposure.