CVE-2024-10748

Cosmote Greece What's Up App Realm Database RealmDB.java default key

CVSS 2 LOW | EPSS 0.3% | CWE-1394
In short

The Cosmote Greece What's Up App uses a default encryption key for its local database, which could allow someone with access to the device to read stored data more easily. This is a low-risk issue because it requires physical access to the phone and is difficult to exploit.

Technical detail

The Realm Database handler in gr/desquared/kmmsharedmodule/db/RealmDB.java uses a hardcoded or predictable default cryptographic key (defaultRealmKey) instead of a unique key, enabling local attackers with device access to decrypt the database. Exploitation is highly complex and requires device-level access, but the default key weakens the confidentiality protection of stored sensitive data.

Summary generated and translated by AI from the official description.
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument defaultRealmKey leads to use of default cryptographic key. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
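
The usual remedy for a default database key, shown as an added example (not code from the app or its vendor): generate a random 64-byte Realm key per install and store it only in wrapped form, encrypted under a non-exportable Android Keystore key. The class name, Keystore alias and preferences file name are hypothetical; the returned array is what would be passed to the Realm configuration's encryption key in place of `defaultRealmKey`.

```java
import android.content.Context;
import android.content.SharedPreferences;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import android.util.Base64;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;

public final class RealmKeyProvider {
    private static final String ALIAS = "realm_wrap_key"; // hypothetical Keystore alias
    private static final String PREFS = "realm_key";      // hypothetical prefs file
    private static final String AES_GCM = "AES/GCM/NoPadding";
    /** Returns this install's 64-byte Realm key, creating it on first use. */
    public static byte[] getOrCreate(Context ctx) throws Exception {
        SharedPreferences prefs = ctx.getSharedPreferences(PREFS, Context.MODE_PRIVATE);
        String blob = prefs.getString("wrapped", null);
        String iv = prefs.getString("iv", null);
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        if (blob != null && iv != null && ks.containsAlias(ALIAS)) {
            // Unwrap the stored key; GCM rejects a blob that was tampered with.
            Cipher dec = Cipher.getInstance(AES_GCM);
            dec.init(Cipher.DECRYPT_MODE, ks.getKey(ALIAS, null),
                    new GCMParameterSpec(128, Base64.decode(iv, Base64.NO_WRAP)));
            return dec.doFinal(Base64.decode(blob, Base64.NO_WRAP));
        }
        // First run, or the wrapping key was lost (e.g. after a restore): make new keys.
        // A database encrypted under a lost key has to be deleted and rebuilt.
        KeyGenerator kg = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
        kg.init(new KeyGenParameterSpec.Builder(ALIAS,
                KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                .setKeySize(256).build());
        byte[] realmKey = new byte[64]; // Realm encryption keys are 64 bytes
        new SecureRandom().nextBytes(realmKey);
        Cipher enc = Cipher.getInstance(AES_GCM);
        enc.init(Cipher.ENCRYPT_MODE, kg.generateKey()); // Keystore picks a random IV
        byte[] wrapped = enc.doFinal(realmKey);
        prefs.edit()
                .putString("wrapped", Base64.encodeToString(wrapped, Base64.NO_WRAP))
                .putString("iv", Base64.encodeToString(enc.getIV(), Base64.NO_WRAP))
                .commit();
        return realmKey;
    }
}
```

Because the wrapping key never leaves the Keystore, copying the preferences file and the database off the device does not yield the Realm key, and no two installs share one.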
