Description
A hardcoded decryption key in Thinkware Cloud APK v4.3.46 allows attackers to access sensitive data and execute arbitrary commands with elevated privileges.
References (2)
Core 2
Core References
Various Sources
http://thinkware.com
Various Sources
https://geochen.medium.com/cve-2024-53614-61b48c3b45d6
Scores
CVSS v3
6.5
EPSS
0.0055
EPSS Percentile
41.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-798
Status
published
Published
Dec 04, 2024
Tracked Since
Feb 18, 2026