CVE-2025-24849
Published: 28 February 2025
Description
Adversaries may alter data en route to storage or other systems in order to manipulate external outcomes or hide activity, thus threatening the integrity of the data.
Security Summary
CVE-2025-24849 is a vulnerability characterized by a lack of encryption in transit within cloud infrastructure, which facilitates the potential for sensitive data manipulation or exposure. This issue aligns with CWE-319 (Cleartext Transmission of Sensitive Information) and affects components referenced in CISA's ICS medical advisory ICSMA-25-058-01, linked to Dario Health. Published on 2025-02-28, it carries a CVSS v3.1 base score of 7.1 (AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H).
Exploitation requires an attacker with adjacent network access (AV:A), involving high attack complexity (AC:H), no privileges (PR:N), and user interaction (UI:R). Successful attacks can result in high impacts to confidentiality, integrity, and availability (C:H/I:H/A:H) within the unchanged scope (S:U), enabling potential interception, manipulation, or exposure of sensitive data in transit.
The CISA advisory at https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-058-01 and Dario Health's contact page at https://www.dariohealth.com/contact/ provide further details on mitigations, likely including recommendations for securing transit encryption in the affected cloud infrastructure.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Lack of encryption in transit (CWE-319) directly enables network sniffing to expose sensitive data (T1040) and alteration of data en route (T1565.002) for manipulation, given adjacent network access and high integrity/confidentiality impacts.