HCL DRYiCE AEX Vulnerable to Missing Root Detection
CVE-2024-30111

3.3LOW

Key Information:

Vendor: Hcl Software
Status: Dryice Aex
Vendor: CVE Published:; 28 June 2024

Summary

HCL DRYiCE AEX product is impacted by Missing Root Detection vulnerability in the mobile application. The mobile app can be installed in the rooted device due to which malicious users can gain unauthorized access to the rooted devices, compromising security and potentially leading to data breaches or other malicious activities.

Affected Version(s)

DRYiCE AEX 10

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 28, 2024
Vulnerability Reserved
Mar 22, 2024