CVE-2024-41999

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Sep 30, 2024

CWE ID 489

Summary

CVE-2024-41999 is a vulnerability affecting the Smart-tab Android app installed before April 2023. This issue involves an active debug code, which if exploited by an attacker with physical access to the device, can grant them access to the OS functions. The attacker may then escalate privileges, change device settings, or even spoof devices in other rooms. This vulnerability poses a significant risk, especially in corporate and public environments where multiple devices may be accessible to unauthorized individuals. Users are strongly encouraged to update the app as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ywN3hL
https://www.cve.org/CVERecord?id=CVE-2024-41999
https://nvd.nist.gov/vuln/detail/CVE-2024-41999

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2024-41999

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations