- Description
- Infinix devices contain a pre-loaded "com.transsion.agingfunction" application, that exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions. After multiple attempts to contact the vendor we did not receive any answer. We suppose this issue affects all Infinix Mobile devices.
- Source
- cvd@cert.pl
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 9.4
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:X/R:I/V:D/RE:X/U:Amber
- Severity
- CRITICAL
- cvd@cert.pl
- CWE-925
- Hype score
- Not currently trending
폴카닷 그리고 2024년에 CVE-2024-10576이랑 CVE-2024-12993 터졌다며? 기본적인 보안도 못하는 병신들. 파라체인이고 나발이고 다 개소리야. 해킹당하면 끝장이지. Immunefi에서 버그 바운티 한다고? 2억 달러 날릴 뻔한 취약점 찾았다며. 개발자들 월급은 뭐하러 주냐?
@geobug437830
17 Feb 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
시발 인피넥스 개좆같은 보안 구멍 천지네. 2024년 말에 CVE-2024-10576이랑 CVE-2024-12993 터졌는데 개발자들 뭐했냐? 씨발 기본적인 브로드캐스트 리시버랑 콘텐츠 프로바이더도 제대로 못 막아놨어. 개인정보 다 털리겠네.
@geobug437830
17 Feb 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10576 Infinix devices contain a pre-loaded "com.transsion.agingfunction" application, that exposes an unsecured broadcast receiver. An attacker can communicate with the rec… https://t.co/GBauVSrWVM
@CVEnew
4 Dec 2024
267 Impressions
1 Retweet
2 Likes
1 Bookmark
0 Replies
0 Quotes
[CVE-2024-10576: CRITICAL] Vulnerable broadcast receiver in Infinix devices through "com.transsion.agingfunction" app allows attackers to force factory reset without Android system permissions. No response from v...#cybersecurity,#vulnerability https://t.co/7281OVsndg https://t.c
@CveFindCom
4 Dec 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes