Unauthorized Access Vulnerability in Transsion Phoenix Mobile Application Can Leak User Information
CVE-2024-11206

7.5HIGH

Key Information:

Vendor: Tecno
Status: Com.transsion.phoenix
Vendor: CVE Published:; 14 November 2024

What is CVE-2024-11206?

The Transsion Phoenix mobile application is susceptible to an unauthorized access vulnerability that could allow attackers to gain access to sensitive user information. This security flaw may expose personal data, creating a significant risk for users. It is crucial for users of the Transsion Phoenix app to be aware of this vulnerability and take necessary precautions until a fix is implemented. Regularly updating the application and monitoring for security updates from the vendor is recommended to mitigate potential risks associated with this vulnerability.

Affected Version(s)

com.transsion.phoenix 14.1.2.4700 < 15.6.0.5020

References

https://security.tecno.com/SRC/blogdetail/340?lang=en_US

https://security.tecno.com/SRC/securityUpdates

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2024
Vulnerability Reserved
Nov 14, 2024

Tecno

What is CVE-2024-11206?

Affected Version(s)

References

CVSS V3.1

Timeline