
CVE-2025-6748: Cleartext Storage in a File or on Disk in Bharti Airtel Thanks App

Severity: Low
Type: Vulnerability
Published: Fri Jun 27 2025 (06/27/2025, 01:31:06 UTC)
Source: CVE Database V5
Vendor/Project: Bharti Airtel
Product: Thanks App

Description

A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI-Powered Analysis

Last updated: 06/27/2025, 02:35:15 UTC

Technical Analysis

CVE-2025-6748 is a vulnerability in version 4.105.4 of the Bharti Airtel Thanks App on Android. The issue is cleartext storage of sensitive data within the app's directory at /Android/data/com.myairtelapp/files/: an unknown function writes data to disk without encryption or other adequate protection, so potentially sensitive information sits on the file system in plaintext. The attack vector requires physical access to the device; an attacker must have direct access to the Android device to exploit the flaw. Exploitation requires no user interaction, no privileges beyond those of a local user, and no network access, but it does require local access to the device's file system. The vulnerability has been publicly disclosed, and although the vendor was notified early, no response or patch has been released to date. The CVSS v4.0 base score is 2.4 (low), primarily because of the limited attack vector (physical access) and the low impact on confidentiality, integrity, and availability. The vulnerability could lead to unauthorized disclosure of data stored by the app, potentially exposing user information or credentials if such data is stored in cleartext; however, the exact nature of the data exposed is unspecified. Since the app is used primarily by Bharti Airtel customers, the threat is localized to users of this app on the Android platform. No known exploits are currently in the wild, but public disclosure increases the risk of exploitation by attackers with physical access to devices.

Potential Impact

For European organizations, the direct impact of this vulnerability is limited because the Bharti Airtel Thanks App is primarily targeted at the Indian market and its customers. However, if any European entities use this app or if employees traveling from Europe use devices with this app installed, there is a risk of sensitive data exposure through physical device compromise. The vulnerability could lead to leakage of user data stored by the app, which might include personal information or authentication tokens, potentially facilitating further attacks or identity theft. The impact on confidentiality is moderate if sensitive data is stored unencrypted, but the integrity and availability impacts are negligible. Given the requirement for physical access, the threat is more relevant in scenarios where devices might be lost, stolen, or accessed by unauthorized personnel. European organizations with employees who use this app on corporate or personal devices should be aware of the risk of data leakage. Overall, the threat is low for most European organizations but could be a concern for individuals or entities with direct exposure to the affected app.

Mitigation Recommendations

1. Users should immediately update the Bharti Airtel Thanks App once a patched version is released by the vendor.
2. Until a patch is available, users should avoid storing sensitive information within the app or on devices that may be physically accessible to unauthorized persons.
3. Employ device-level encryption and strong lock screen protections (PIN, biometric) to reduce the risk of unauthorized physical access to the device's file system.
4. Organizations should implement mobile device management (MDM) solutions that enforce encryption, remote wipe capabilities, and restrict installation of vulnerable apps on corporate devices.
5. Regularly audit devices for the presence of vulnerable app versions and remove or update them accordingly.
6. Educate users about the risks of physical device compromise and encourage secure handling of devices, especially when traveling or in public spaces.
7. Monitor for any updates or advisories from Bharti Airtel regarding this vulnerability and apply patches promptly.
8. If possible, avoid using the affected app on devices that contain sensitive corporate data until the vulnerability is addressed.
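As an added example, not part of this advisory or of the vendor's code, the following Python script shows the kind of check an organization could run when auditing device storage (mitigation 5 above): it scans a copy of an app's files directory, such as the /Android/data/<package>/files/ path named in this advisory, for files that hold credential-like values in cleartext, skipping binary files and redacting matches in its own report so the audit output does not become a second plaintext copy. The package name com.example.app and the file contents it creates are constructed for the demonstration.

```python
"""Audit a copied app data directory for cleartext secrets.

Added example (not from the advisory or the vendor): models a review of files
copied from an app's storage directory, such as /Android/data/<package>/files/,
after the directory has been pulled to an analyst workstation. The package
name and sample file contents below are constructed for the demonstration.
"""
import os
import re
import tempfile
from pathlib import Path

# Patterns that indicate credentials or session material stored in cleartext.
PATTERNS = {
    "jwt": re.compile(r"\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b"),
    "credential_kv": re.compile(r"(?i)\b(password|passwd|secret|token|api[_-]?key)\s*[=:]\s*\S+"),
    "bearer": re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._-]{16,}"),
}

MAX_BYTES = 1_000_000  # only the first 1 MB of each file is inspected


def is_probably_text(data: bytes) -> bool:
    """Treat a file as text if it has no NUL bytes and is mostly printable."""
    if b"\x00" in data:
        return False
    printable = sum(1 for b in data if 32 <= b < 127 or b in (9, 10, 13))
    return len(data) == 0 or printable / len(data) > 0.9


def scan_file(path: Path) -> list:
    """Return (pattern_name, line_no, redacted_snippet) findings for one file."""
    findings = []
    try:
        data = path.read_bytes()[:MAX_BYTES]
    except OSError:
        return findings
    if not is_probably_text(data):
        return findings  # binaries (images, databases) need a separate review
    text = data.decode("utf-8", errors="replace")
    for line_no, line in enumerate(text.splitlines(), start=1):
        for name, pattern in PATTERNS.items():
            if pattern.search(line):
                # Redact the matched value so the report itself holds no secret.
                snippet = pattern.sub(f"<{name} redacted>", line.strip())
                findings.append((name, line_no, snippet))
    return findings


def scan_tree(root: Path) -> dict:
    """Scan every regular file under root; map relative path -> findings."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            p = Path(dirpath) / fname
            hits = scan_file(p)
            if hits:
                report[str(p.relative_to(root))] = hits
    return report


def build_sample_tree() -> Path:
    """Create a constructed app files directory shaped like the advisory's path."""
    root = Path(tempfile.mkdtemp()) / "Android" / "data" / "com.example.app" / "files"
    root.mkdir(parents=True)
    # Constructed: a plaintext session cache, the pattern the advisory describes.
    (root / "session.json").write_text(
        '{"user":"alice","auth_token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhbGljZSJ9.c2lnbmF0dXJlX3NhbXBsZQ"}\n'
    )
    # Constructed: a preferences file with a credential-looking key/value pair.
    (root / "prefs.ini").write_text("theme=dark\npassword=hunter2\n")
    # Constructed: a benign log with no secrets.
    (root / "app.log").write_text("2025-06-27 startup ok\n")
    # Constructed: a binary blob that must be skipped rather than falsely flagged.
    (root / "image.bin").write_bytes(b"\x00\x01password=\x00\xff")
    return root


if __name__ == "__main__":
    for rel_path, hits in scan_tree(build_sample_tree()).items():
        for name, line_no, snippet in hits:
            print(f"{rel_path}:{line_no}: {name}: {snippet}")
```

Running the script against a real copy means replacing build_sample_tree() with the path of the pulled directory; the patterns are deliberately narrow, so a clean report is evidence of absence only for these credential shapes, and any flagged file should be followed up by checking whether the app could have kept that data in internal storage or an encrypted container instead.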


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-06-26T20:02:31.752Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 685dffcbca1063fb874e095d

Added to database: 6/27/2025, 2:19:55 AM

Last enriched: 6/27/2025, 2:35:15 AM

Last updated: 8/15/2025, 1:46:25 AM

