Cyber Posture

CVE-2025-2190

High

Published: 11 March 2025

Modified: 13 November 2025
CVSS Score: 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0015 (35.6th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-2190 is a high-severity Improper Validation of Certificate with Host Mismatch (CWE-297) vulnerability in Tecno Com.Transsnet.Store. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Adversary-in-the-Middle (T1557). The CVE ranks at the 35.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-17 (Public Key Infrastructure Certificates) and SC-23 (Session Authenticity).

Threat & Defense at a Glance

What attackers do: exploitation maps to Adversary-in-the-Middle (T1557) and 1 other technique.

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) [AI]

prevent

SC-8 enforces cryptographic protection for transmission confidentiality and integrity, directly preventing man-in-the-middle interception and tampering that enables code injection in the mobile application.

prevent

SC-23 protects the authenticity of communication sessions, mitigating man-in-the-middle attacks on the vulnerable mobile app's network traffic.

prevent

SC-17 requires PKI certificate validation to authenticate remote endpoints, countering MITM vulnerabilities that could lead to code injection in com.transsnet.store.

MITRE ATT&CK Enterprise Techniques [AI]

T1557 · Adversary-in-the-Middle · Credential Access
Adversaries may attempt to position themselves between two or more networked devices using an adversary-in-the-middle (AiTM) technique to support follow-on behaviors such as [Network Sniffing](https://attack.
T1203 · Exploitation for Client Execution · Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.

Why these techniques?

The vulnerability is explicitly described as a MITM attack enabling code injection and arbitrary code execution on the client app, which maps to Adversary-in-the-Middle and Exploitation for Client Execution.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

NVD Description

The mobile application (com.transsnet.store) has a man-in-the-middle attack vulnerability, which may lead to code injection risks.

Deeper analysis [AI]

CVE-2025-2190 is a man-in-the-middle (MITM) attack vulnerability affecting the mobile application com.transsnet.store, which may lead to code injection risks. Published on 2025-03-11, the issue is classified under CWE-297 and carries a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to potential impacts on confidentiality, integrity, and availability.

The vulnerability enables exploitation over a network by an unauthenticated attacker with no required privileges or user interaction, though it demands high attack complexity, such as positioning for MITM interception. Successful attacks could allow code injection, compromising the application's security and potentially leading to arbitrary code execution on affected devices.

Mitigation guidance and further details are available in advisories from Tecno Security Response Center at https://security.tecno.com/SRC/blogdetail/393?lang=en_US and https://security.tecno.com/SRC/securityUpdates.

Details

CWE(s)

Affected Products

tecno
com.transsnet.store
9.1.0 — 9.2.6

CVEs Like This One

CVE-2025-68637 (Shared CWE-297)
CVE-2026-26214 (Shared CWE-297)
CVE-2025-15385 (Same vendor: Tecno)
CVE-2024-49782 (Shared CWE-297)
CVE-2026-41603 (Shared CWE-297)
CVE-2026-22747 (Shared CWE-297)
