CVE-2024-10748
CVSS 3.1 Score 4.7 of 10 (medium)
Details
Summary
CVE-2024-10748 is a vulnerability identified in Cosmote Greece What's Up App version 4.47.3 on Android. The issue lies within the Realm Database Handler component, specifically in the file RealmDB.java located in gr/desquared/kmmsharedmodule/db. This vulnerability arises when the defaultRealmKey argument is manipulated, leading to the use of a default cryptographic key. To exploit this weakness, an attacker must gain local access to the system. The complexity and difficulty of an attack are relatively high, and the vendor has been notified but has not responded.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.