Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local attackers to extract sensitive data via direct access to the app’s filesystem.
References
History

Mon, 21 Jul 2025 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 21 Jul 2025 11:15:00 +0000

Type Values Removed Values Added
Description Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local attackers to extract sensitive data via direct access to the app’s filesystem.
Title Insecure data storage vulnerability in Two App Studio Journey v5.5.9 for iOS
Weaknesses CWE-312
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cirosec

Published: 2025-07-21T11:01:13.982Z

Updated: 2025-07-21T12:28:22.467Z

Reserved: 2025-04-16T10:48:40.810Z

Link: CVE-2025-41458

cve-icon Vulnrichment

Updated: 2025-07-21T12:28:19.611Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-21T11:15:23.640

Modified: 2025-07-22T13:06:07.260

Link: CVE-2025-41458

cve-icon Redhat

No data.