CVE Catalog

CVE-2024-48772

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.44%

36th percentile - higher than 36% of all known CVEs

Summary

A vulnerability in C-CHIP (com.cchip.cchipamaota) version 1.2.8 allows a remote attacker to obtain sensitive information through the firmware update process.

Risk Assessment

The organization is at risk of sensitive data leakage, which could be used for further attacks or compromise user privacy.

Recommendation

Immediately update the C-CHIP application to the latest available version and restrict access to the update process to trusted sources only.

Original NVD description (English source)

An issue in C-CHIP (com.cchip.cchipamaota) v.1.2.8 allows a remote attacker to obtain sensitive information via the firmware update process.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS