CVE-2025-11598
📋 TL;DR
The mObywatel iOS application fails to properly clear sensitive data from the App Switcher preview, allowing unauthorized users to view personal information from the last screen displayed before the app was minimized. This affects all iOS users of the vulnerable mObywatel app versions. The vulnerability persists even after the user logs out, as the App Switcher retains cached visual data.
💻 Affected Systems
- mObywatel iOS application
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
An attacker with physical access to the device could view highly sensitive personal information (e.g., national ID numbers, addresses, financial data) without authentication, leading to identity theft or targeted attacks.
Likely Case
Casual observers (colleagues, family members) could inadvertently see personal details when the device is left unattended, resulting in privacy violations.
If Mitigated
With proper device security controls (passcodes, biometrics, auto-lock), the window for exploitation is reduced, but the vulnerability still exists if the device is unlocked.
🎯 Exploit Status
Exploitation requires physical access to an unlocked device or ability to view the App Switcher. No special tools or technical skills needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 4.71.0
Vendor Advisory: https://info.mobywatel.gov.pl/
Restart Required: No
Instructions:
1. Open the App Store on your iOS device.
2. Search for 'mObywatel'.
3. Tap 'Update' to install version 4.71.0 or later.
4. No device restart is required after the update.
🔧 Temporary Workarounds
Manually clear App Switcher
Force close the mObywatel app from the App Switcher after each use to prevent cached screen data from being visible.
1. Double-click Home button or swipe up from bottom (depending on iOS version) to open App Switcher.
2. Swipe up on the mObywatel app preview to force close it.
Enable device auto-lock
Reduce the exposure window by setting the device to auto-lock quickly when inactive.
1. Go to Settings > Display & Brightness > Auto-Lock.
2. Set to 30 seconds or less.
🧯 If You Can't Patch
- Enforce strict physical security policies for devices containing sensitive applications.
- Train users to manually force close the app from App Switcher after each sensitive session.
🔍 How to Verify
Check if Vulnerable:
1. Open the mObywatel app and navigate to a screen with personal information.
2. Minimize the app using the Home gesture/button.
3. Open the App Switcher. If the last screen is visible, the installed version is vulnerable.
Check Version:
Open mObywatel app > Tap menu/settings > Look for version number (should be 4.71.0 or higher).
Verify Fix Applied:
After updating to 4.71.0+, repeat the check steps - App Switcher should show a blank/obscured screen instead of actual content.
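The blank/obscured preview described above is what a correct fix produces: the app covers its window before iOS captures the App Switcher snapshot, so only the cover is cached. The Swift code below is an added illustration of that pattern, not mObywatel's own implementation; the class and property names are assumed.

```swift
import UIKit

// Added example (not the vendor's code): hide sensitive content before iOS
// snapshots the window for the App Switcher. The snapshot is taken after the
// scene resigns active, so the cover must already be in place at that point.
final class PrivacyOverlay {
    private var cover: UIView?

    func show(in window: UIWindow?) {
        guard let window = window, cover == nil else { return }
        let view = UIView(frame: window.bounds)
        // Use an opaque colour, not a blur: a blur can still leak the shape
        // of text and images into the cached snapshot.
        view.backgroundColor = .systemBackground
        view.autoresizingMask = [.flexibleWidth, .flexibleHeight]
        window.addSubview(view)
        cover = view
    }

    func hide() {
        cover?.removeFromSuperview()
        cover = nil
    }
}

final class SceneDelegate: UIResponder, UIWindowSceneDelegate {
    var window: UIWindow?
    private let overlay = PrivacyOverlay()

    // Fires when the user opens the App Switcher, receives a call, pulls down
    // Notification Center, etc. Covering here keeps the snapshot clean even
    // if the user never returns to the app or logs out afterwards.
    func sceneWillResignActive(_ scene: UIScene) {
        overlay.show(in: window)
    }

    // Remove the cover once the app is in the foreground again.
    func sceneDidBecomeActive(_ scene: UIScene) {
        overlay.hide()
    }
}
```

Apps that still use only an AppDelegate apply the same logic in applicationWillResignActive(_:) and applicationDidBecomeActive(_:).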
📡 Detection & Monitoring
Log Indicators:
- No specific log indicators as this is a local UI issue.
Network Indicators:
- No network indicators as exploitation is local.
SIEM Query:
Not applicable - this is a client-side visual vulnerability without server-side logging.