Published:2026/05/13 Last Updated:2026/05/13
JVN#24167657
Android App "あんしんフィルター for au" vulnerable to cleartext transmission of sensitive information
Overview
Android App "あんしんフィルター for au" provided by KDDI CORPORATION contains Cleartext Transmission of Sensitive Information (CWE-319) vulnerability.
Products Affected
- Android App "あんしんフィルター for au" versions prior to 4.9_b0003
Description
Android App "あんしんフィルター for au" provided by KDDI CORPORATION contains the following vulnerability.
- Cleartext transmission of sensitive information (CWE-319)
- CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 6.3
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Base Score 4.8
- CVE-2026-41281
Impact
A man-in-the-middle attacker may access and modify communications transmitted in plaintext, potentially resulting in information disclosure or data tampering.
Solution
Update the Software
Update the software to the latest version according to the information provided by the developer.
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2026-41281 |
| JVN iPedia |
JVNDB-2026-000069 |