Primary

Context

Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Sensitive Cookie Vulnerability

Vulnerability

Patched

A vulnerability exists in the Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android application, specifically in versions through 5.8.7.0.36. The issue arises from the application's cookie policy, which can be viewed through standard browser tools. This vulnerability allows for the transmission of sensitive cookies without the 'HttpOnly' flag, creating a risk of full session compromise, especially in the presence of cross-site scripting (XSS) vulnerabilities.

Impact

Exploitation of this vulnerability could lead to a complete compromise of user sessions, allowing attackers to hijack accounts and access sensitive information.

Remediation

Users are advised to update the Dario Health Android application to the latest version. For more information, contact Dario Health directly.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Sensitive Cookie Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Dario Health USB-C Blood Glucose Monitoring System Starter Kit

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating