Primary

Context

Taipower APP Improper Certificate Validation Vulnerability Allowing Man-in-the-Middle Attacks

Vulnerability

A vulnerability exists in the Taipower APP developed by Taipower, specifically in versions through 3.4.4. The issue arises from improper validation of TLS/SSL certificates during HTTPS connections, allowing unauthenticated remote attackers to intercept and manipulate network packets. This flaw creates a Man-in-the-Middle (MITM) attack vector.

Impact

Exploitation of this vulnerability could lead to unauthorized interception and alteration of network communications.

Remediation

Users are advised to update the Taipower APP to version 3.4.5 or later.

Added: Mar 9, 2026, 4:18 AM

Updated: Mar 9, 2026, 4:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

6.0

remediation

0.0

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

6.0

remediation

0.0

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Taipower APP Improper Certificate Validation Vulnerability Allowing Man-in-the-Middle Attacks

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating