CVE-2024-48538
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk38th percentile - higher than 38% of all known CVEs
Summary
Incorrect access control in the firmware update and download processes of Neye3C v4.5.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file.
Risk Assessment
The organization is at risk of sensitive data leakage, such as API keys or passwords, which could lead to unauthorized system access and security breaches.
Recommendation
Immediately update the Neye3C firmware to the latest version and conduct a security audit of APK files to remove sensitive data from the source code.
Original NVD description (English source)
Incorrect access control in the firmware update and download processes of Neye3C v4.5.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file.

