Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security risks.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

No data.

No data.

No data.

References
Link Providers
https://security.tecno.com/SRC/blogdetail/267?lang=en_US cve-icon cve-icon cve-icon
https://security.tecno.com/SRC/securityUpdates cve-icon
https://security.tecno.com/SRC/securityUpdates?type=SA cve-icon cve-icon
History

Wed, 21 Aug 2024 06:00:00 +0000

Type Values Removed Values Added
Title Improper permission settings in com.transsion.carlcare
Weaknesses CWE-732
References
cve-icon MITRE

Status: PUBLISHED

Assigner: TECNOMobile

Published: 2024-06-17T03:07:04.982Z

Updated: 2024-08-21T05:48:10.193Z

Reserved: 2024-05-21T01:32:57.974Z

Link: CVE-2024-5163

cve-icon Vulnrichment

Updated: 2024-08-01T21:03:11.047Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-06-17T03:15:09.057

Modified: 2024-08-21T06:15:07.277

Link: CVE-2024-5163

cve-icon Redhat

No data.