How to fix CVE-2025-58488?

Within 30 days: Identify affected systems running SmartTouchCall and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is Smart Touch Call affected by CVE-2025-58488?

Organizations using SmartTouchCall should be aware of moderate risk from CVE-2025-58488 rated CVSS 4.5. Exploitation could compromise the security of affected deployments. Organizations should apply vendor updates when available and monitor for exploitation.

CVE-2025-58488

EUVD-2025-200130 MEDIUM

2025-12-02 [email protected]

Information Disclosure Smart Touch Call

4.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 14:04 euvd

EUVD-2025-200130

Analysis Generated

Mar 15, 2026 - 14:04 vuln.today

CVE Published

Dec 02, 2025 - 02:15 nvd

MEDIUM 4.5

DescriptionNVD

Improper verification of source of a communication channel in SmartTouchCall prior to version 1.0.1.1 allows remote attackers to access sensitive information. User interaction is required for triggering this vulnerability.

AnalysisAI

Technical ContextAI

Information disclosure occurs when an application inadvertently reveals sensitive data to unauthorized actors through error messages, logs, or improper access controls.

RemediationAI

Implement proper access controls. Sanitize error messages in production. Review logging practices to avoid capturing sensitive data.

CVE-2025-58488 vulnerability details – vuln.today

Back