Critical Vulnerability in YONO SBI App Exposes Millions to Data Theft

Jul 3, 2025

Summary

  • Vulnerability: CVE‑2025‑45080 in YONO SBI Android app v1.23.36 allows unencrypted HTTP traffic.

  • Risk: Enables man‑in‑the‑middle (MITM) attacks—attackers can intercept or manipulate sensitive banking data.

  • Affected Users: Potentially millions of people using YONO’s Android version over a network, especially public Wi‑Fi.

  • Mitigation: Users should refrain from using the app until patched; developers must enforce HTTPS by disabling cleartext traffic.

Technical Breakdown: Cleartext Communications

A configuration misstep in the YONO SBI Android app’s AndroidManifest.xml, specifically android:usesCleartextTraffic="true", allows network communications over unencrypted HTTP, overriding Android’s secure defaults for API 28+ (Android 9+).

This violates CWE‑319: Cleartext Transmission of Sensitive Information, exposing login credentials, account details, and transactional data to eavesdropping and tampering.

Threat Vectors: Eavesdropping & MITM

Because communications aren’t encrypted:

  • Eavesdropping: Credentials and transaction data can be captured in transit.

  • Manipulation: Attackers can alter data en route—potentially falsifying amounts or redirecting funds.

  • MITM Attacks: On the same network (especially public Wi‑Fi), attackers can insert themselves between the user and bank server undetected.

Severity: High Impact

With a CVSS v3.1 score of 8.8 (High), this vulnerability poses a serious threat in financial contexts, compromising confidentiality, integrity, and availability of sensitive data—all without requiring elevated privileges.

Discovery & Response

Security researcher Ishwar Kumar discovered the flaw via APK decompilation (APKTool), manifest inspection, and network traffic monitoring using Burp Suite/Wireshark.

Though the National Vulnerability Database has assigned CVE‑2025‑45080, no patch version has been publicly confirmed yet.

What You Should Do

For Developers & SBI / App Teams

  • Explicitly set android:usesCleartextTraffic="false".

  • Enforce HTTPS for all network endpoints.

  • Use Android Network Security Config for granular control.

  • Audit and update the AndroidManifest across all builds and releases.

For Users of YONO SBI App

  • Avoid using YONO SBI v1.23.36, especially on public Wi‑Fi or untrusted networks.

  • Prefer mobile data or wait for the patched version.

  • Keep an eye on app updates and official security announcements from SBI.

  • Routinely monitor bank account activity and report anomalies immediately.

Final Word

YONO SBI provides a robust suite of banking and lifestyle services—but this misconfiguration weakens overall trust. Financial apps must enforce encryption by default. Until SBI issues a secure update, users and developers alike need to act cautiously.

Disclaimer: ClearPhish maintains a strict policy of not participating in the theft, distribution, or handling of stolen data or files. The platform does not engage in exfiltration, downloading, hosting, or reposting any illegally obtained information. Any responsibility or legal inquiries regarding the data should be directed solely at the responsible cybercriminals or attackers, as ClearPhish is not involved in these activities. We encourage parties affected by any breach to seek resolution through legal channels directly with the attackers responsible for such incidents.
