CVE-2025-14022
📋 TL;DR
LINE client for iOS versions before 15.4 has a critical SSL/TLS certificate validation bypass vulnerability in an integrated financial SDK. This allows man-in-the-middle attackers to intercept or modify encrypted communications for a significant portion of network traffic. All iOS LINE users with vulnerable versions are affected.
💻 Affected Systems
- LINE for iOS
📦 What is this software?
Line by Linecorp
⚠️ Risk & Real-World Impact
Worst Case
Attackers can intercept sensitive financial transactions, authentication credentials, private messages, and personal data transmitted through the LINE app, potentially leading to account takeover, financial fraud, and data theft.
Likely Case
Network-adjacent attackers on public Wi-Fi or compromised networks can intercept LINE communications, potentially capturing login credentials, messages, and financial data.
If Mitigated
With proper network segmentation and certificate pinning, risk is limited to users on untrusted networks without additional security controls.
🎯 Exploit Status
Exploitation requires network adjacency (same network as victim). No authentication needed. Standard MITM tools can exploit this vulnerability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 15.4 and later
Vendor Advisory: https://hackerone.com/reports/2853445
Restart Required: Yes
Instructions:
1. Open the App Store on the iOS device
2. Search for 'LINE'
3. Tap 'Update' if available
4. Ensure version is 15.4 or higher
5. Restart the LINE application
🔧 Temporary Workarounds
Avoid Untrusted Networks
Prevent exploitation by avoiding public Wi-Fi and untrusted networks where MITM attacks are more likely.
Use VPN
Route all LINE traffic through a trusted VPN to encrypt communications end-to-end and prevent local network MITM attacks.
🧯 If You Can't Patch
- Discontinue use of the LINE app on iOS until patched; use the web version or other platforms instead
- Implement network-level SSL inspection and certificate validation monitoring to detect MITM attempts
🔍 How to Verify
Check if Vulnerable:
Check LINE app version in iOS Settings > General > iPhone Storage > LINE, or within LINE app settings. If version is below 15.4, the device is vulnerable.
Check Version:
No command line option. Check via iOS Settings or within LINE app settings menu.
Verify Fix Applied:
Confirm LINE app version is 15.4 or higher in app settings. Test with SSL/TLS validation tools to ensure certificate validation is functioning properly.
📡 Detection & Monitoring
Log Indicators:
- Unusual certificate validation failures
- Multiple SSL/TLS handshake failures from same device
- Certificate authority mismatches in network logs
Network Indicators:
- Unexpected SSL/TLS certificate changes for LINE domains
- MITM proxy detection between client and LINE servers
- Abnormal certificate chain validation patterns
SIEM Query:
source="network_traffic" app="LINE" (ssl_validation="failed" OR cert_chain_unusual="true")
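One way to turn the "unexpected certificate changes" and "certificate authority mismatches" indicators above into a check, as an added example that is not part of the original advisory: it flags sessions to LINE hosts whose certificate differs from what most of the fleet sees for the same server name. It assumes a sensor that records the server certificate's issuer and fingerprint per session; the domain list, field names, hostnames and log records are constructed for illustration.

```python
import json
from collections import Counter, defaultdict

# Assumption: domains treated as LINE traffic; replace with your own list.
LINE_DOMAINS = ("line.me",)

# Constructed sample (not real captures): one JSON record per TLS session as a
# network sensor might log it. Field names, hosts and values are illustrative.
SAMPLE_LOG = """
{"client": "10.0.0.11", "sni": "api.line.me", "issuer": "CN=Constructed Public CA", "fp": "aa11"}
{"client": "10.0.0.12", "sni": "api.line.me", "issuer": "CN=Constructed Public CA", "fp": "aa11"}
{"client": "10.0.0.13", "sni": "api.line.me", "issuer": "CN=Constructed Public CA", "fp": "aa11"}
{"client": "10.0.0.14", "sni": "api.line.me", "issuer": "CN=Constructed Proxy CA", "fp": "ff99"}
{"client": "10.0.0.12", "sni": "api.line.me", "issuer": "CN=Constructed Public CA", "fp": "bb22"}
{"client": "10.0.0.11", "sni": "www.example.org", "issuer": "CN=Other CA", "fp": "cc33"}
{"client": "10.0.0.15", "sni": "pay.line.me", "issuer": "CN=Constructed Proxy CA", "fp": "dd44"}
"""


def is_line_host(sni):
    return any(sni == d or sni.endswith("." + d) for d in LINE_DOMAINS)


def find_cert_anomalies(log_text, min_sessions=3):
    """Flag LINE sessions whose certificate differs from the fleet-wide majority."""
    sessions = [json.loads(line) for line in log_text.splitlines() if line.strip()]
    sessions = [s for s in sessions if is_line_host(s["sni"])]

    # Count how often each (issuer, fingerprint) pair is seen per server name.
    seen = defaultdict(Counter)
    for s in sessions:
        seen[s["sni"]][(s["issuer"], s["fp"])] += 1

    alerts = []
    for s in sessions:
        counts = seen[s["sni"]]
        if sum(counts.values()) < min_sessions:
            continue  # too few observations to form a baseline for this host
        (base_issuer, base_fp), _ = counts.most_common(1)[0]
        if s["fp"] == base_fp:
            continue
        # A different issuer points to interception; same issuer with a new
        # fingerprint is more often rotation or a second front-end certificate.
        reason = "issuer_mismatch" if s["issuer"] != base_issuer else "cert_changed"
        alerts.append({"client": s["client"], "sni": s["sni"], "reason": reason})
    return alerts


if __name__ == "__main__":
    for alert in find_cert_anomalies(SAMPLE_LOG):
        print(alert)
```

Hosts with fewer than `min_sessions` observations are skipped rather than alerted on, so rarely contacted names need a separately maintained baseline.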