CVE-2024-49416
CVSS 3.1 Score 4.0 of 10 (medium)
Details
Published Dec 3, 2024
Summary
CVE-2024-49416 is a vulnerability affecting SmartThings versions prior to 1.8.21. This issue arises from the use of implicit intent for sensitive communication, allowing local attackers to gain access to confidential information. With this exploit, attackers can bypass intended access controls and potentially discover personal data or sensitive system details. This vulnerability highlights the importance of keeping IoT devices updated to protect against such security risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share