An incorrect access control issue in HomeServe Home Repair' android app - 3.3.4 allows a physically proximate attacker to escalate privileges via the fingerprint authentication function.
References
Link | Resource |
---|---|
http://homeserve.com | Product |
https://apkpure.com/homeserve-home-repair/com.homeserveapp.homeserve | Product |
https://zzzxiin.github.io/post/homeserve/ | Third Party Advisory |
Configurations
History
13 Nov 2024, 20:04
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
CPE | cpe:2.3:a:homeserve:homeserve:3.3.4:*:*:*:*:android:*:* | |
First Time |
Homeserve homeserve
Homeserve |
|
References | () http://homeserve.com - Product | |
References | () https://apkpure.com/homeserve-home-repair/com.homeserveapp.homeserve - Product | |
References | () https://zzzxiin.github.io/post/homeserve/ - Third Party Advisory |
13 Nov 2024, 16:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
Summary |
|
08 Nov 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-08 18:15
Updated : 2024-11-13 20:04
NVD link : CVE-2024-40240
Mitre link : CVE-2024-40240
CVE.ORG link : CVE-2024-40240
JSON object : View
Products Affected
homeserve
- homeserve
CWE