What is CVE-2025-27839?

CVE-2025-27839 is a low-severity vulnerability in Tangem Sdk, classified under CWE-1025. CVSS score: 3.2/10. Published 2025-03-07.

How severe is CVE-2025-27839?

Low severity. CVSS v3 base score is 3.2 out of 10.

Vulnerability in Tangem Sdk

CVE-2025-27839

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregarded during the first scan of a card. Ex…

EPSS: 0.002 (35.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.2 (Low). Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N.

Affected products

Tangem Sdk — versions 0

Weakness classification (CWE)

CWE-1025

References

tangem.com/en/blog/post/app-update/
github.com/tangem/tangem-sdk-android/commit/24588188fdb51ed469cd59d2c595128c1fe…
github.com/tangem/tangem-sdk-android/releases/tag/release-app_5.18-409

Frequently asked questions

What is CVE-2025-27839?: CVE-2025-27839 is a low-severity vulnerability in Tangem Sdk, classified under CWE-1025. CVSS score: 3.2/10. Published 2025-03-07.
How severe is CVE-2025-27839?: Low severity. CVSS v3 base score is 3.2 out of 10.