PT-2024-26528 · Tvs · Tvs Connect Ios+1

Aarav Sinha

Published

2024-06-21

Updated

2024-06-24

CVE-2024-35537

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions TVS Connect Android version 4.6.0 TVS Connect IOS version 5.0.0

Description The issue concerns the insecure handling of the RSA key pair, potentially allowing attackers to access sensitive information through decryption.

Recommendations For TVS Connect Android version 4.6.0, update to a version that securely handles the RSA key pair. For TVS Connect IOS version 5.0.0, update to a version that securely handles the RSA key pair.

Exploit

Fix

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-327

Related Identifiers

CVE-2024-35537

Affected Products

Tvs Connect Android

Tvs Connect Ios

PT-2024-26528 · Tvs · Tvs Connect Ios+1

CVE-2024-35537

Weakness Enumeration

Related Identifiers

Affected Products

References · 5