CVE-2024-41999 MEDIUM

CVE-2024-41999

Vendor Techno Support Company
Product Smart-tab Android app
Weakness CWE-489
Published September 30, 2024
Last update September 30, 2024

CVSS base score

6.8/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Smart-tab Android app installed April 2023 or earlier contains an active debug code vulnerability. If this vulnerability is exploited, an attacker with physical access to the device may exploit the debug function to gain access to the OS functions, escalate the privilege, change the device's settings, or spoof devices in other rooms.

Key dates

02Disclosure timeline

September 30, 2024 CVE published
September 30, 2024 Record updated