CVE-2024-42496

Published Sep 30, 2024

Last updated 2 months ago

CVSS low 2.4

Overview

Description
Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password. If this vulnerability is exploited, an attacker with physical access to the device may retrieve the credential information and spoof the device to access the related external service.
Source
vultures@jpcert.or.jp
NVD status
Awaiting Analysis

Risk scores

CVSS 3.0

Type
Secondary
Base score
2.4
Impact score
1.4
Exploitability score
0.9
Vector string
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity
LOW

Weaknesses

vultures@jpcert.or.jp
CWE-256

Social media

Hype score
Not currently trending

References