LOW✓ PATCH🇬🇧 English

CVE-2025-27839

CVSS 3.2v3.1pub. 2025-03-08upd. 2026-04-15

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje
CVE-2025-27839 — LOW 3.2 | CVEbaza.pl