PT-2025-31639 · Unknown · Csc Pay Mobile App

Niranjan Gaire

Published

2025-08-01

Updated

2025-08-01

CVE-2025-46018

Report an issue

CVSS v3.1

5.4

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Name of the Vulnerable Software and Affected Versions:

CSC Pay Mobile App versions prior to 2.20.0

Description:

The CSC Pay Mobile App contains an issue that allows users to bypass payment authorization by disabling Bluetooth during a transaction. This bypass could lead to unauthorized use of laundry services and potential financial loss.

Recommendations:

Update to version 2.20.0 or later.

Exploit

Fix

Authentication Bypass by Spoofing

Weakness Enumeration

CWE-290

Related Identifiers

CVE-2025-46018

Affected Products

Csc Pay Mobile App

PT-2025-31639 · Unknown · Csc Pay Mobile App

Weakness Enumeration

Related Identifiers

Affected Products

References · 6