CVE-2024-41999 Vulnerability Details

  /     /     /  

CVE-2024-41999 Metadata Quick Info

CVE Published: 30/09/2024 | CVE Updated: 30/09/2024 | CVE Year: 2024
Source: jpcert | Vendor: TECHNO SUPPORT COMPANY | Product: Smart-tab Android app
Status : PUBLISHED

---

CVE-2024-41999 Description

Smart-tab Android app installed April 2023 or earlier contains an active debug code vulnerability. If this vulnerability is exploited, an attacker with physical access to the device may exploit the debug function to gain access to the OS functions, escalate the privilege, change the device\'s settings, or spoof devices in other rooms.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-489
CWE Name: Active debug code
Source: TECHNO SUPPORT COMPANY

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).