PT-2025-39203 · Indian Bank · Indsmart Android App
Published
2025-09-23
·
Updated
2025-09-25
·
CVE-2025-56146
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Indian Bank IndSMART Android App version 3.8.1
Description
The Indian Bank IndSMART Android App version 3.8.1 exhibits a flaw related to missing SSL certificate validation within the
NuWebViewActivity component. This could potentially allow for man-in-the-middle attacks, where an attacker intercepts communication between the app and the server.Recommendations
Update to a newer version of the Indian Bank IndSMART Android App that addresses the missing SSL certificate validation issue in the
NuWebViewActivity component.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Indsmart Android App