CVE-2024-50684 - CERT CVE
ID CVE-2024-50684
Sažetak SunGrow iSolarCloud Android app V2.1.6.20241017 and prior uses an insecure AES key to encrypt client data (insufficient entropy). This may allow attackers to decrypt intercepted communications between the mobile app and iSolarCloud.
Reference
CVSS
Base: 6.5
Impact: 4.2
Exploitability:2.2
Pristup
VektorSloženostAutentikacija
NETWORK HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Zadnje važnije ažuriranje 07-04-2025 - 18:51
Objavljeno 26-02-2025 - 21:15