CVE-2024-42496

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-42496
Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password. If this vulnerability is exploited, an attacker with physical access to the device may retrieve the credential information and spoof the device to access the related external service.

2.4 /10

CVSS v3 : LOW

V3 Legend

Vector : AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability : 0.9 / Impact : 1.4

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://jvn.jp/en/jp/JVN42445661/
https://tsc-soft.co.jp/smart-tab/
Configurations

No configuration.

History

30 Sep 2024, 12:45

Type Values Removed Values Added
Summary
  • (es) La aplicación Smart-tab para Android instalada en abril de 2023 o antes contiene un problema con el almacenamiento de texto plano de una contraseña. Si se aprovecha esta vulnerabilidad, un atacante con acceso físico al dispositivo puede recuperar la información de credenciales y falsificar el dispositivo para acceder al servicio externo relacionado.

30 Sep 2024, 08:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-09-30 08:15

Updated : 2024-09-30 12:45

NVD link : CVE-2024-42496

Mitre link : CVE-2024-42496

CVE.ORG link : CVE-2024-42496

JSON object : View

Products Affected

No product.

CWE
CWE-256

Plaintext Storage of a Password


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024