What is CVE-2025-24804?

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. According to Apple's documentation for bundle ID's, it must contain only alphanumeric characters (A–Z, a–z, and 0–9), hyphens (-), and periods (.). However, an attacker can manually modify this value in the `Info.plist` file and add special characters to the ` CFBundleIdentifier ` value. When the application parses the wrong characters in the bundle ID, it encounters an error. As a result, it will not display content and will throw a 500 error instead. The only way to make the pages work again is to manually remove the malicious application from the system. This issue has been addressed in version 4.3.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

How severe is CVE-2025-24804?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2025-24804?

This is classified as CWE-1287, which is a common weakness in software security.

CVE-2025-24804

MEDIUM Year: 2025

CVSS v3 Score

4.3

Medium

Weakness Type

CWE-1287

View all →

Vulnerability Description

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. According to Apple's documentation for bundle ID's, it must contain only alphanumeric characters (A–Z, a–z, and 0–9), hyphens (-), and periods (.). However, an attacker can manually modify this value in the `Info.plist` file and add special characters to the `<key>CFBundleIdentifier</key>` value. When the application parses the wrong characters in the bundle ID, it encounters an error. As a result, it will not display content and will throw a 500 error instead. The only way to make the pages work again is to manually remove the malicious application from the system. This issue has been addressed in version 4.3.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE-2023-47727

MEDIUM

CVSS:4.3(Medium)

IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input v...

CWE-12872023

CVE-2024-47261

MEDIUM

CVSS:4.3(Medium)

51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an attacker to upload files to block access t...

CWE-12872024

CVE-2025-0476

MEDIUM

CVSS:4.3(Medium)

Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment names, which allows an attacker to crash the mobile app for any user who opened a channel containing the s...

CWE-12872025

CVE-2025-20033

MEDIUM

CVSS:4.3(Medium)

Mattermost versions 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post types, which allows attackers to deny service to users with the sysconsole_read_plugins ...

CWE-12872025

CVE-2023-3906

LOW

CVSS:3.5(Low)

An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft ...

CWE-12872023

CVE-2023-2673

MEDIUM

CVSS:5.3(Medium)

Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the M...

CWE-12872023

CVE-2025-24804

Vulnerability Description

Related Vulnerabilities

CVE-2023-47727

CVE-2024-47261

CVE-2025-0476

CVE-2025-20033

CVE-2023-3906

CVE-2023-2673