CNNVD-202511-2625 Information

CNNVD ID

CNNVD-202511-2625

Related CVE

CVE-2025-63434

• CNNVD Published: 2025-11-24

Description (Chinese)

Xtool AnyScan App是中国Xtool公司的一款汽车诊断移动应用。 Xtool AnyScan App 4.40.40及之前版本存在安全漏洞，该漏洞源于更新机制不安全，可能执行任意代码。

Description (English)

Xtool AnyScan App is a vehicle diagnostic mobile application for Xtool China. There is a security gap in Xtool AnyScan App 4.40.40 and earlier versions, which stems from the insecurity of the updating mechanism and the possible implementation of any code.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Xtool

Published

2025-11-24

Last Modified

2026-02-24

References

https://github.com/ab3lson/cve-references/tree/master/CVE-2025-63434 https://www.nowsecure.com/blog/2025/07/16/remote-code-execution-discovered-in-xtool-anyscan-app-risks-to-phones-and-vehicles/ https://access.redhat.com/security/cve/cve-2025-63434