Mobile Application Vulnerability May Lead to User Information Leakage Risks
CVE-2024-7697

7.5HIGH

Key Information:

Vendor: Tecno
Status: Com.transsion.carlcare
Vendor: CVE Published:; 12 August 2024

What is CVE-2024-7697?

A logical vulnerability identified in the Carlcare mobile application, developed by Transsion, poses a risk of user information leakage. This vulnerability may allow unauthorized access to sensitive user data, highlighting the need for users to remain vigilant and for the vendor to implement necessary security measures. It is crucial for users of the Carlcare application to stay updated on security patches and updates released by Transsion to mitigate potential risks associated with this vulnerability.

Affected Version(s)

com.transsion.carlcare 5.9.5

References

https://security.tecno.com/SRC/blogdetail/294?lang=en_US

https://security.tecno.com/SRC/securityUpdates?type=SA

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2024
Vulnerability Reserved
Aug 12, 2024

Tecno

What is CVE-2024-7697?

Affected Version(s)

References

CVSS V3.1

Timeline