CVE-2024-41999

MEDIUM

Smart-tab Android app <April 2023 - Privilege Escalation

Title source: llm

Description

Smart-tab Android app installed April 2023 or earlier contains an active debug code vulnerability. If this vulnerability is exploited, an attacker with physical access to the device may exploit the debug function to gain access to the OS functions, escalate the privilege, change the device's settings, or spoof devices in other rooms.

References (2)

[Various Sources] https://tsc-soft.co.jp/smart-tab/

[Third Party Advisory] https://jvn.jp/en/jp/JVN42445661/

Scores

CVSS v3 6.8

EPSS 0.0017

EPSS Percentile 37.8%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-489

Status draft

Timeline

Published Sep 30, 2024

Tracked Since Feb 18, 2026