PT-2025-39852 · Payeer · Payeer Android

Mhamdanali81

Published

2025-09-29

Updated

2025-12-23

CVE-2025-57197

CVSS v3.1

6.0

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Payeer Android application version 2.5.0

Description An improper access control issue exists in the authentication process for changing the PIN in the Payeer Android application. A local attacker with root access to the device can bypass the PIN verification check and directly modify the authentication PIN. This allows unauthorized modification of the PIN without knowledge of the original PIN. The vulnerability requires root access to the device for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2025-57197

Affected Products

Payeer Android

PT-2025-39852 · Payeer · Payeer Android

CVE-2025-57197

Weakness Enumeration

Related Identifiers

Affected Products

References · 7