CVE-2024-53701 LOW

CVE-2024-53701

Vendor Fcnt Llc
Product arrows N F-51C
Weakness CWE-306 · Missing auth
Published November 29, 2024
Last update December 3, 2024

CVSS base score

3.1/10
Attack vector Physical
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

Multiple FCNT Android devices provide the original security features such as "privacy mode" where arbitrary applications can be set not to be displayed, etc. Under certain conditions, and when an attacker can directly operate the device which its screen is unlocked by a user, the provided security features' setting pages may be exposed and/or the settings may be altered, without authentication. For example, specific applications in the device configured to be hidden may be displayed and/or activated.

Key dates

02Disclosure timeline

November 29, 2024 CVE published
December 3, 2024 Record updated