Vaishali Nagori

**Name of the Vulnerable Software and Affected Versions** TVS Connect Android version 4.6.0 TVS Connect IOS version 5.0.0 **Description** The issue concerns the insecure handling of the RSA key pair, potentially allowing attackers to access sensitive information through decryption. **Recommendations** For TVS Connect Android version 4.6.0, update to a version that securely handles the RSA key pair. For TVS Connect IOS version 5.0.0, update to a version that securely handles the RSA key pair.

**Name of the Vulnerable Software and Affected Versions** TVS Connet versions 4.5.1 through 4.5.1 TVS Connet version 5.0.0 **Description** An issue in TVS Connet allows a remote attacker to escalate privileges via the Emergency Contact Feature. This issue is disputed as discussed in the msn-official/CVE-Evidence repository. **Recommendations** For TVS Connet version 4.5.1, consider disabling the Emergency Contact Feature until a patch is available. For TVS Connet version 5.0.0, consider disabling the Emergency Contact Feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TVS Connet Android versions 4.5.1 TVS Connet iOS versions 5.0.0 **Description** An issue in TVS Connet allows a remote attacker to obtain sensitive information via an insecure API endpoint. **Recommendations** For TVS Connet Android version 4.5.1, consider restricting access to the API endpoint until a patch is available. For TVS Connet iOS version 5.0.0, consider restricting access to the API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.