How to fix CVE-2025-10971?

Within 24 hours: Inventory all MeetMe deployments across iOS and Android devices in your organization and notify users of the vulnerability. Within 7 days: Issue guidance restricting MeetMe usage for sensitive communications until patched, and consider disabling the application via mobile device management (MDM) if business-critical. Within 30 days: Monitor vendor security advisories daily for patch release and develop a deployment plan; conduct security awareness training on risks of unpatched applications.

Is Android affected by CVE-2025-10971?

CVE-2025-10971 affects MeetMe mobile applications (iOS and Android through v2.2.5), exposing sensitive user data through insecure storage mechanisms.

CVE-2025-10971

EUVD-2025-200212 HIGH

2025-12-02 539080bd-5750-4cce-b30b-eed9a4ef6dcc

8.8

CVSS 4.0

CVSS Vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

None

Lifecycle Timeline

Analysis Generated

Mar 15, 2026 - 14:04 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 14:04 euvd

EUVD-2025-200212

CVE Published

Dec 02, 2025 - 08:15 nvd

HIGH 8.8

Description

Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5.

Analysis

Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5.

Technical Context

Information disclosure occurs when an application inadvertently reveals sensitive data to unauthorized actors through error messages, logs, or improper access controls. This vulnerability is classified as Insecure Storage of Sensitive Information (CWE-922).

Affected Products

Affected: MeetMe on iOS

Remediation

Implement proper access controls. Sanitize error messages in production. Review logging practices to avoid capturing sensitive data.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +44

POC: 0

CVE-2025-10971 vulnerability details – vuln.today

Back

CVE-2025-10971

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-10971

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code