Primary

Context

Dario Health USB-C Blood Glucose Monitoring System Android Application Cross-User PII Exposure Vulnerability

Vulnerability

Patched

A vulnerability exists in the Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android application, all versions through 5.8.7.0.36. This vulnerability allows an attacker to access cross-user personal identifiable information (PII) and personal health information stored in the application's database. The issue arises from improper data handling and lack of access controls, enabling unauthorized exposure of sensitive information transmitted to the Android device.

Impact

Exploitation of this vulnerability could lead to unauthorized access and exposure of personal health information and cross-user PII, potentially allowing for data manipulation or injection attacks.

Remediation

Users are advised to update the Dario Health Android application to the latest version. For more information, contact Dario Health directly.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dario Health USB-C Blood Glucose Monitoring System Android Application Cross-User PII Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Dario Health USB-C Blood Glucose Monitoring System Starter Kit

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating