Uncovered Debug Code Vulnerability Threatens Electric Vehicle Security

CVE-2024-41999

6.8MEDIUM

Key Information

Vendor: Techno Support Company
Status: Smart-tab Android App
Vendor: CVE Published:; 30 September 2024

Summary

Smart-tab Android app installed April 2023 or earlier contains an active debug code vulnerability. If this vulnerability is exploited, an attacker with physical access to the device may exploit the debug function to gain access to the OS functions, escalate the privilege, change the device's settings, or spoof devices in other rooms.

Affected Version(s)

Smart-tab Android app = installed April 2023 or earlier

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: null to: 6.8 - (MEDIUM)
Sep 30, 2024
Vulnerability published.
Sep 30, 2024
Vulnerability Reserved.
Sep 18, 2024

Collectors

NVD DatabaseMitre Database