PT-2025-9290 · Google · Widevine

Published

2025-03-03

·

Updated

2025-03-12

·

CVE-2024-43051

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions The product name cannot be determined.
Description The issue involves information disclosure when deriving keys for a session in any Widevine use case.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-285

Related Identifiers

CVE-2024-43051

Affected Products

Widevine