5.9

CVE-2024-27350

Medienbericht
Exploit
Amazon Fire OS 7 before 7.6.6.9 and 8 before 8.1.0.3 allows Fire TV applications to establish local ADB (Android Debug Bridge) connections. NOTE: some third parties dispute whether this has security relevance, because an ADB connection is only possible after the (non-default) ADB Debugging option is enabled, and after the initiator of that specific connection attempt has been approved via a full-screen prompt.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AmazonFire Os Version >= 7 < 7.6.6.9
AmazonFire Os Version >= 8 < 8.1.0.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.33% 0.242
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.9 2.5 3.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://developer.amazon.com/docs/fire-tv/fire-os-overview.html
Product
https://news.ycombinator.com/item?id=39496861
Issue Tracking
https://www.aftvnews.com/amazon-blocks-long-running-fire-tv-capability-breaking-popular-apps-with-no-warning-and-giving-developers-the-runaround/
Third Party Advisory
Exploit
Press/Media Coverage