CVE-2024-42496 LOW

CVE-2024-42496

Vendor Techno Support Company
Product Smart-tab Android app
Weakness CWE-256
Published September 30, 2024
Last update September 30, 2024

CVSS base score

2.4/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password. If this vulnerability is exploited, an attacker with physical access to the device may retrieve the credential information and spoof the device to access the related external service.

Key dates

02Disclosure timeline

September 30, 2024 CVE published
September 30, 2024 Record updated