CVE-2024-4988

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: com.transsion.videocallenhancer version 1.1.9.973

Description: The mobile application interface has improper permission control, which can lead to the risk of private file leakage. This issue can result in unauthorized access to private files.

Recommendations: For version 1.1.9.973, update the app immediately and review file permissions to mitigate the risk of private file leakage. As a temporary workaround, consider restricting access to sensitive files until the issue is resolved.

Fix

Improper Access Control

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-269

Related Identifiers

CVE-2024-4988

Affected Products

Com.Transsion.Videocallenhancer

CVE-2024-4988

Weakness Enumeration

Related Identifiers

Affected Products

References · 8