TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 was discovered to insecurely handle the RSA key pair, allowing attackers to possibly access sensitive information via decryption.
References
Link | Resource |
---|---|
https://github.com/aaravavi/TVS-Connect-Application-VAPT | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
24 Jun 2024, 19:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:tvsmotor:tvs_connect:5.0.0:*:*:*:*:iphone_os:*:* cpe:2.3:a:tvsmotor:tvs_connect:4.6.0:*:*:*:*:android:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-327 | |
First Time |
Tvsmotor tvs Connect
Tvsmotor |
|
References | () https://github.com/aaravavi/TVS-Connect-Application-VAPT - Exploit, Third Party Advisory | |
Summary |
|
21 Jun 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-21 17:15
Updated : 2024-06-24 19:40
NVD link : CVE-2024-35537
Mitre link : CVE-2024-35537
CVE.ORG link : CVE-2024-35537
JSON object : View
Products Affected
tvsmotor
- tvs_connect
CWE
CWE-327
Use of a Broken or Risky Cryptographic Algorithm