CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7697 – Logical vulnerability in com.transsion.carlcare
https://notcve.org/view.php?id=CVE-2024-7697
Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user information leakage risks. • https://security.tecno.com/SRC/blogdetail/294?lang=en_US https://security.tecno.com/SRC/securityUpdates https://security.tecno.com/SRC/securityUpdates?type=SA • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5163 – Improper permission settings in com.transsion.carlcare
https://notcve.org/view.php?id=CVE-2024-5163
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security risks. La configuración incorrecta de permisos para aplicaciones móviles (com.transsion.carlcare) puede provocar riesgos de seguridad de la cuenta y la contraseña del usuario. • https://security.tecno.com/SRC/blogdetail/267?lang=en_US https://security.tecno.com/SRC/securityUpdates https://security.tecno.com/SRC/securityUpdates?type=SA • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-732: Incorrect Permission Assignment for Critical Resource •