CVE-2024-30111

LOW

HCL DRYiCE AEX - Missing Root Detection

Title source: llm

Description

HCL DRYiCE AEX product is impacted by Missing Root Detection vulnerability in the mobile application. The mobile app can be installed in the rooted device due to which malicious users can gain unauthorized access to the rooted devices, compromising security and potentially leading to data breaches or other malicious activities.

References (1)

Core 1

Core References

Vendor Advisory

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193

Scores

CVSS v3 3.3

EPSS 0.0040

EPSS Percentile 60.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1326

Status published

Products (1)

hcltech/dryice_aex 10.0

Published Jun 28, 2024

Tracked Since Feb 18, 2026