CVE-2024-2364

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Mar 10, 2024
Updated: May 17, 2024
CWE ID 89

Summary

CVE-2024-2364 is a newly disclosed vulnerability affecting Musicshelf 1.0/1.1 on Android devices. The issue lies within the Backup Handler component's androidmanifest.xml file and an unknown function. An attacker can manipulate this vulnerability, leading to unauthorized control sphere access and exposure of backup files. The exploit is public, increasing the risk of potential attacks on physical devices. It is recommended that affected users update their Musicshelf application or take other necessary security measures to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Pimcore Admin Classic Bundle

Affected Vendors

  • Pimcore