Primary

Context

KDDI 'デジラアプリ' Improper Certificate Validation Vulnerability on iOS

Vulnerability

A vulnerability exists in the 'デジラアプリ' application for iOS, provided by KDDI CORPORATION, prior to version 80.10.00. This vulnerability involves improper validation of server certificates, which could be exploited to conduct a man-in-the-middle attack, allowing an attacker to eavesdrop on or tamper with encrypted communications.

Impact

Exploitation of this vulnerability could lead to a man-in-the-middle attack, where an attacker could intercept and modify encrypted communications.

Remediation

Users are advised to update the application to the latest version available from the developer.

Added: Nov 17, 2025, 6:17 AM

Updated: Nov 17, 2025, 6:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.2

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.2

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

KDDI 'デジラアプリ' Improper Certificate Validation Vulnerability on iOS

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating