CVE-2023-31280
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Dec 21, 2024
CWE ID 200
Summary
CVE-2023-31280 is a vulnerability affecting the AirVantage online Warranty Checker tool. Previously, the tool would disclose IMEI and Serial Number pairs in addition to warranty status when looking up information using a Serial Number or IMEI. This issue could enable attackers to perform bulk enumeration of such pairs, posing a potential privacy risk. The vulnerability has been mitigated with an update that no longer returns the IMEI and Serial Number alongside warranty status.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share