CVE-2024-30111

EPSS 0.4%
Veröffentlicht 28.06.2024 07:15:05
Zuletzt bearbeitet 30.10.2025 18:43:57
Quelle psirt@hcl.com
CVE-Watchlists
Login
Unerledigt
Login

HCL DRYiCE AEX product is impacted by Missing
Root Detection vulnerability in the mobile application. The  mobile app can be installed in the rooted
device due to which malicious users can gain unauthorized access to the rooted
devices, compromising security and potentially leading to data breaches or
other malicious activities.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hcltech ≫ Dryice Aex Version10.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.4%	0.597

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
psirt@hcl.com	3.3	1.8	1.4	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-1326 Missing Immutable Root of Trust in Hardware

A missing immutable root of trust in the hardware results in the ability to bypass secure boot or execute untrusted or adversarial boot code.

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-30111

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-30111

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-30111

EUVD