CVE-2024-2364

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Mar 10, 2024

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2024-2364 is a newly disclosed vulnerability affecting Musicshelf 1.0/1.1 on Android devices. The issue lies within the Backup Handler component's androidmanifest.xml file and an unknown function. An attacker can manipulate this vulnerability, leading to unauthorized control sphere access and exposure of backup files. The exploit is public, increasing the risk of potential attacks on physical devices. It is recommended that affected users update their Musicshelf application or take other necessary security measures to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Pimcore Admin Classic Bundle

Affected Vendors

Pimcore

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uMn9GK
https://www.cve.org/CVERecord?id=CVE-2024-2364
https://nvd.nist.gov/vuln/detail/CVE-2024-2364

Back to Vulnerability Database