CVE-2025-64304
MEDIUMFOD App for Android and iOS < 5.2.0 - Unauthenticated Cryptographic Key Exposure via Hard-coded Keys
Title source: llmDescription
"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys.
References (2)
Core 2
Core References
Various Sources
https://help.fod.fujitv.co.jp/hc/ja/articles/48337068747033
Third Party Advisory
https://jvn.jp/en/jp/JVN63368617/
Scores
CVSS v3
4.0
EPSS
0.0012
EPSS Percentile
1.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-321
Status
published
Products (2)
Fuji Television Network, Inc./"FOD" App for Android
versions prior to 5.2.0
Fuji Television Network, Inc./"FOD" App for iOS
versions prior to 5.2.0
Published
Nov 25, 2025
Tracked Since
Feb 18, 2026