PT-2024-21841 · Amazon · Amazon Fire Os
Published
2024-02-24
·
Updated
2025-09-18
·
CVE-2024-27350
CVSS v3.1
5.9
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Amazon Fire OS versions 7.0.0 through 7.6.6.8
Amazon Fire OS versions 8.0.0 through 8.1.0.2
Description
The issue allows Fire TV applications to establish local ADB (Android Debug Bridge) connections. This is only possible after the non-default ADB Debugging option is enabled and the initiator of the connection attempt has been approved via a full-screen prompt. Some third parties dispute the security relevance of this issue.
Recommendations
For Amazon Fire OS versions 7.0.0 through 7.6.6.8, update to version 7.6.6.9 or later.
For Amazon Fire OS versions 8.0.0 through 8.1.0.2, update to version 8.1.0.3 or later.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Amazon Fire Os