CVE-2025-52580 LOW

CVE-2025-52580

Vendor Gift Pad Co.,Ltd.
Product "region PAY" App for Android
Weakness CWE-532 · Sensitive info in logs
Published July 22, 2025
Last update July 22, 2025

CVSS base score

2.4/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Insertion of sensitive information into log file issue exists in "region PAY" App for Android prior to 1.5.28. If exploited, sensitive user information may be exposed to an attacker who has access to the application logs.

Key dates

02Disclosure timeline

July 22, 2025 CVE published
July 22, 2025 Record updated