Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7 allows attackers to access sensitive information by analyzing the code and data within the APK file.
History

Thu, 24 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Ruochan
Ruochan smart Firmware
Weaknesses CWE-863
CPEs cpe:2.3:o:ruochan:smart_firmware:4.4.7:*:*:*:*:*:*:*
Vendors & Products Ruochan
Ruochan smart Firmware
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 24 Oct 2024 16:30:00 +0000

Type Values Removed Values Added
Description Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7 allows attackers to access sensitive information by analyzing the code and data within the APK file.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-10-24T00:00:00

Updated: 2024-10-24T18:15:20.612Z

Reserved: 2024-10-08T00:00:00

Link: CVE-2024-48541

cve-icon Vulnrichment

Updated: 2024-10-24T18:15:13.775Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-10-24T17:15:17.060

Modified: 2024-10-25T12:56:07.750

Link: CVE-2024-48541

cve-icon Redhat

No data.