CVE-2025-58781
MEDIUMWTW-EAGLE App for iOS < 4.4.1 and Android < 4.4.0.10 - Improper Certificate Validation
Title source: llmDescription
WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle attacker to monitor encrypted traffic.
References (3)
Core 3
Core References
Various Sources
https://apps.apple.com/jp/app/wtw-eagle/id1365998037?uo=4
Third Party Advisory
https://jvn.jp/en/jp/JVN89109713/
Scores
CVSS v3
4.8
EPSS
0.0013
EPSS Percentile
3.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-295
Status
published
Products (2)
Wireless Tsukamoto Co., Ltd./WTW-EAGLE App for Android
prior to 4.4.0.10
Wireless Tsukamoto Co., Ltd./WTW-EAGLE App for iOS
prior to 4.4.1
Published
Sep 12, 2025
Tracked Since
Feb 18, 2026