CVE-2025-65832
BaseFortify
Publication date: 2025-12-10
Last updated on: 2025-12-12
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| meatmeet | meatmeet | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-316 | The product stores sensitive information in cleartext in memory. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that the mobile application securely handles sensitive information in memory by clearing or encrypting it immediately upon logout and termination. Additionally, restrict physical access to devices to prevent unauthorized memory dumps. Consider updating the application to a version that addresses this issue once available.
Can you explain this vulnerability to me?
This vulnerability occurs because the mobile application insecurely handles sensitive information stored in memory. After a user logs out and terminates the app, an attacker with physical access to the device can perform a memory dump to retrieve Wi-Fi credentials used during pairing, JWTs for authentication, and other sensitive data.
How can this vulnerability impact me? :
An attacker with physical access to your device can extract sensitive information such as your home Wi-Fi credentials and authentication tokens, potentially allowing unauthorized access to your home network and Meatmeet account.