CVE-2024-41999

MEDIUM

Smart-tab Android app <April 2023 - Privilege Escalation

Title source: llm

Description

Smart-tab Android app installed April 2023 or earlier contains an active debug code vulnerability. If this vulnerability is exploited, an attacker with physical access to the device may exploit the debug function to gain access to the OS functions, escalate the privilege, change the device's settings, or spoof devices in other rooms.

References (2)

[Various Sources] https://tsc-soft.co.jp/smart-tab/

[Third Party Advisory] https://jvn.jp/en/jp/JVN42445661/

Scores

CVSS v3 6.8

EPSS 0.0017

EPSS Percentile 37.6%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-489

Status published

Products (1)

TECHNO SUPPORT COMPANY/Smart-tab Android app installed April 2023 or earlier

Published Sep 30, 2024

Tracked Since Feb 18, 2026