CVE-2014-5793
Description
The Bilgi Yarisi (aka net.mobilecraft.bilgiyarisi) application 1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The Bilgi Yarisi Android app 1.8 fails to validate SSL certificates, enabling MITM attacks to intercept sensitive data.
Vulnerability
The Bilgi Yarisi (net.mobilecraft.bilgiyarisi) application version 1.8 for Android does not properly verify X.509 certificates from SSL servers [1]. This vulnerability allows any HTTPS connection made by the app to be intercepted by a man-in-the-middle attacker presenting a crafted certificate.
Exploitation
An attacker must be on the same network as the Android device (e.g., a malicious Wi-Fi hotspot) to perform a man-in-the-middle attack [1]. By presenting a forged certificate, the attacker can intercept and potentially modify all HTTPS traffic between the app and its servers.
Impact
Successful exploitation allows the attacker to obtain sensitive information transmitted by the app, such as user credentials or personal data [1]. The CERT/CC note also indicates that arbitrary code execution may be possible depending on the app's functionality.
Mitigation
No official patch has been released for this application [1]. Users are advised to avoid using the Bilgi Yarisi app and instead access any related services through a web browser, which typically implements proper certificate validation.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- cpe:2.3:a:mobilecraft:bilgi_yarisi:1.8:*:*:*:*:android:*:*
- Range: 1.8
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.kb.cert.org/vuls/id/582497nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/477777nvdUS Government Resource
- docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/editnvd
News mentions
0No linked articles in our index yet.