CVE-2025-14021

4.3 MEDIUM

📋 TL;DR

The in-app browser of LINE for iOS has an address bar spoofing vulnerability: an attacker-controlled page can make the address bar show a trusted URL while the content and JavaScript the user actually interacts with are the attacker's, loaded through iframes. This enables phishing in which the user sees a legitimate-looking URL but submits data to malicious content. Only LINE for iOS versions below 14.14 are affected.

💻 Affected Systems

Products:
  • LINE for iOS
Versions: All versions prior to 14.14
Operating Systems: iOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the in-app browser within LINE iOS app. Does not affect LINE for Android, desktop, or web versions.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Users could be tricked into entering sensitive credentials, financial information, or personal data into malicious forms that appear to be legitimate websites, leading to account compromise, financial loss, or identity theft.

🟠 Likely Case: Phishing attacks where users are tricked into clicking malicious links within LINE that appear to lead to trusted sites but instead capture login credentials or personal information.

🟢 If Mitigated: Users who verify URLs carefully and avoid clicking suspicious links would be protected, though the visual deception makes this difficult without the patch.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (clicking a malicious link) but the technical barrier is low once the malicious page is created.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 14.14 and later

Vendor Advisory: https://hackerone.com/reports/2548498

Restart Required: No

Instructions:

1. Open the App Store on your iOS device.
2. Search for 'LINE'.
3. Tap 'Update' if available.
4. Ensure the installed version is 14.14 or higher.

🔧 Temporary Workarounds

Use External Browser (ios): Open links from LINE in Safari instead of the in-app browser. Safari's own address bar is not affected by this issue, so the URL shown there can be trusted.

Avoid Clicking Links (all): Do not click links within LINE messages, especially from unknown senders.

🧯 If You Can't Patch

  • Educate users that on unpatched versions the in-app browser's address bar itself can be spoofed, so checking it is not enough; before entering credentials or personal data, open the page in Safari (or another standalone browser) and verify the address there
  • Implement web filtering or URL analysis tools to block known malicious domains

🔍 How to Verify

Check if Vulnerable:

Check the installed LINE version (iOS Settings > General > iPhone Storage > LINE shows the version, as does LINE's own settings screen). If it is below 14.14, the in-app browser is vulnerable.

Check Version:

No command-line check on the device itself. For managed fleets, query the MDM app inventory for the LINE version rather than checking each handset.

Verify Fix Applied:

Confirm the installed LINE version is 14.14 or higher using one of the methods above.

📡 Detection & Monitoring

Log Indicators:

  • Your own login or form pages being fetched inside frames from unexpected referrers (visible if the server logs the Referer or Sec-Fetch-Dest headers)
  • Multiple redirects to suspicious domains

Network Indicators:

  • HTTP requests to known phishing domains from LINE in-app browser user agents, especially from versions below 14.14
  • Third-party JavaScript loaded by pages reached from LINE links

SIEM Query:

No app-specific query exists for this client-side issue; the closest equivalent is a proxy or egress log search for LINE in-app browser user agents reaching blocklisted or newly registered domains.
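The following is an added example, not part of the advisory or of LINE's own tooling, that turns the version check and the network indicators above into a scan over proxy logs. It assumes the LINE in-app browser identifies itself with a `Line/<major>.<minor>.<patch>` token in the User-Agent header (an assumption to confirm against your own traffic), and it uses a constructed log layout (`timestamp client method url status "user-agent"`) with constructed sample lines and a constructed blocklist domain.

```python
"""Flag proxy-log requests from vulnerable LINE iOS in-app browsers.

Added example; the UA token format and the log layout are assumptions,
and every sample line below is constructed, not captured traffic.
"""
import re
from urllib.parse import urlsplit

# First fixed version per the advisory.
FIXED_VERSION = (14, 14, 0)

# Assumed User-Agent token for the LINE in-app browser.
LINE_UA_RE = re.compile(r"\bLine/(\d+)\.(\d+)(?:\.(\d+))?")
IOS_UA_RE = re.compile(r"\b(?:iPhone|iPad|iPod)\b")

# Constructed proxy-log layout: ts client method url status "user-agent"
LOG_RE = re.compile(
    r'^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) '
    r'(?P<status>\d{3}) "(?P<ua>[^"]*)"$'
)

# Constructed blocklist (example domain, not a real phishing site).
BLOCKLIST = {"bad.example.net"}

# Constructed sample lines covering the cases that matter:
# vulnerable iOS client, patched iOS client, Android client (not affected),
# plain Safari (no Line token), and an old iOS client hitting a blocklisted host.
SAMPLE_LOG = """\
2025-01-01T10:00:00Z 203.0.113.5 GET https://login.example.com/ 200 "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 Safari/604.1 Line/14.10.0"
2025-01-01T10:00:01Z 203.0.113.6 GET https://bad.example.net/signin 200 "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 Safari/604.1 Line/14.14.0"
2025-01-01T10:00:02Z 203.0.113.7 GET https://bad.example.net/ 200 "Mozilla/5.0 (Linux; Android 14) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0 Mobile Safari/537.36 Line/14.10.0"
2025-01-01T10:00:03Z 203.0.113.8 GET https://login.example.com/ 200 "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Mobile/15E148 Safari/604.1"
2025-01-01T10:00:04Z 203.0.113.9 GET https://evil.bad.example.net/login 200 "Mozilla/5.0 (iPhone; CPU iPhone OS 16_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 Safari/604.1 Line/13.21.1"
"""


def line_version(ua):
    """Return (major, minor, patch) from the Line/ token, or None if absent."""
    m = LINE_UA_RE.search(ua)
    if not m:
        return None
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def is_vulnerable_line_ios(ua):
    """True when the UA looks like LINE's in-app browser on iOS below 14.14.

    Android is excluded on purpose: the advisory scopes the issue to iOS.
    """
    ver = line_version(ua)
    if ver is None or IOS_UA_RE.search(ua) is None:
        return False
    return ver < FIXED_VERSION


def host_in_blocklist(url, blocklist):
    """Match the URL's host against the blocklist, including subdomains."""
    host = (urlsplit(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in blocklist)


def scan_log(text, blocklist):
    """Return one finding per log line that is worth an analyst's attention."""
    findings = []
    for raw in text.splitlines():
        m = LOG_RE.match(raw)
        if not m:
            continue  # unparseable line; a real pipeline would count these
        rec = m.groupdict()
        reasons = []
        if is_vulnerable_line_ios(rec["ua"]):
            reasons.append("vulnerable-line-ios")
        if host_in_blocklist(rec["url"], blocklist):
            reasons.append("blocklisted-domain")
        if reasons:
            findings.append({
                "client": rec["client"],
                "url": rec["url"],
                "line_version": line_version(rec["ua"]),
                "reasons": reasons,
            })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG, BLOCKLIST):
        print(f["client"], f["url"], f["line_version"], ",".join(f["reasons"]))
```

A line tagged only `vulnerable-line-ios` is an inventory signal (a user still on an unpatched client), while `blocklisted-domain` is the actual phishing indicator; the line that carries both is the one to triage first, since that is a spoof-capable browser reaching a known-bad host.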
