Vulnerability Description
An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and iOS v.5.0.0 allows a remote attacker to obtain sensitive information via an insecure API endpoint. NOTE: this is disputed as discussed in the msn-official/CVE-Evidence repository.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://github.com/aaravavi/TVS-Connect-Application-VAPT
- https://github.com/aaravavi/TVS-Connect-Application-VAPT/tree/main
- https://github.com/msn-official/CVE-Evidence
- https://github.com/aaravavi/TVS-Connect-Application-VAPT
- https://github.com/aaravavi/TVS-Connect-Application-VAPT/tree/main
- https://github.com/msn-official/CVE-Evidence
FAQ
What is CVE-2024-33309?
CVE-2024-33309 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and iOS v.5.0.0 allows a remote attacker to obtain sensitive information via an insecure API endpoint. NOTE: this is disputed as discus...
How severe is CVE-2024-33309?
CVE-2024-33309 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-33309?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.