CVE-2024-10576 (GCVE-0-2024-10576)
Vulnerability from cvelistv5 – Published: 2024-12-04 12:02 – Updated: 2024-12-04 21:01
Title
Unauthorized factory reset of Infinix devices
Summary
Infinix devices contain a pre-loaded "com.transsion.agingfunction" application that exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions.
After multiple attempts to contact the vendor, we did not receive any answer. We suppose this issue affects all Infinix Mobile devices.
Severity
CWE
- CWE-925 - Improper Verification of Intent by Broadcast Receiver
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/12/CVE-2024-10576/ | third-party-advisory |
| https://cert.pl/posts/2024/12/CVE-2024-10576/ | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
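| Infinix Mobile | com.transsion.agingfunction | Affected: 13 | |

Note: the CISA ADP container in the record below spells the product `com.transmission.agingfunction` in its CPE and product fields, whereas the CNA entry and the description use `com.transsion.agingfunction`. When matching this CVE against device or package inventories, check both spellings, since a CPE-only match on the ADP string will not find the package name given by the CNA.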
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:infinix_mobile:com.transmission.agingfunction:13:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "com.transmission.agingfunction",
"vendor": "infinix_mobile",
"versions": [
{
"status": "affected",
"version": "13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10576",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T19:48:36.525706Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T21:01:06.241Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Android"
],
"product": "com.transsion.agingfunction",
"vendor": "Infinix Mobile",
"versions": [
{
"status": "affected",
"version": "13"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Szymon Chadam"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Infinix devices contain a pre-loaded \"com.transsion.agingfunction\" application, that\u0026nbsp;exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions.\u0026nbsp;\u003cbr\u003e\u003cbr\u003eAfter multiple attempts to contact the vendor we did not receive any answer. We suppose this issue affects all Infinix Mobile devices."
}
],
"value": "Infinix devices contain a pre-loaded \"com.transsion.agingfunction\" application, that\u00a0exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions.\u00a0\n\nAfter multiple attempts to contact the vendor we did not receive any answer. We suppose this issue affects all Infinix Mobile devices."
}
],
"impacts": [
{
"capecId": "CAPEC-166",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-166 Force the System to Reset Values"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "IRRECOVERABLE",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/R:I/V:D/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-925",
"description": "CWE-925 Improper Verification of Intent by Broadcast Receiver",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T12:02:54.241Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/12/CVE-2024-10576/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/12/CVE-2024-10576/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized factory reset of Infinix devices",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-10576",
"datePublished": "2024-12-04T12:02:22.601Z",
"dateReserved": "2024-10-31T10:16:21.663Z",
"dateUpdated": "2024-12-04T21:01:06.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-10576",
"date": "2026-05-28",
"epss": "0.00049",
"percentile": "0.15468"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Infinix devices contain a pre-loaded \\\"com.transsion.agingfunction\\\" application, that\\u00a0exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions.\\u00a0\\n\\nAfter multiple attempts to contact the vendor we did not receive any answer. We suppose this issue affects all Infinix Mobile devices.\"}, {\"lang\": \"es\", \"value\": \"Los dispositivos Infinix contienen una aplicaci\\u00f3n \\\"com.transsion.agingfunction\\\" precargada que expone un receptor de transmisi\\u00f3n no seguro. Un atacante puede comunicarse con el receptor y forzar al dispositivo a realizar un restablecimiento de f\\u00e1brica sin ning\\u00fan permiso del sistema Android. Despu\\u00e9s de varios intentos de contactar al proveedor, no recibimos ninguna respuesta. Suponemos que este problema afecta a todos los dispositivos m\\u00f3viles Infinix.\"}]",
"id": "CVE-2024-10576",
"lastModified": "2024-12-04T12:15:18.463",
"metrics": "{\"cvssMetricV40\": [{\"source\": \"cvd@cert.pl\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:X/R:I/V:D/RE:X/U:Amber\", \"baseScore\": 9.4, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"HIGH\", \"vulnerableSystemIntegrity\": \"HIGH\", \"vulnerableSystemAvailability\": \"HIGH\", \"subsequentSystemConfidentiality\": \"HIGH\", \"subsequentSystemIntegrity\": \"HIGH\", \"subsequentSystemAvailability\": \"HIGH\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NEGLIGIBLE\", \"automatable\": \"NOT_DEFINED\", \"recovery\": \"IRRECOVERABLE\", \"valueDensity\": \"DIFFUSE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\", \"providerUrgency\": \"AMBER\"}}]}",
"published": "2024-12-04T12:15:18.463",
"references": "[{\"url\": \"https://cert.pl/en/posts/2024/12/CVE-2024-10576/\", \"source\": \"cvd@cert.pl\"}, {\"url\": \"https://cert.pl/posts/2024/12/CVE-2024-10576/\", \"source\": \"cvd@cert.pl\"}]",
"sourceIdentifier": "cvd@cert.pl",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"cvd@cert.pl\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-925\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-10576\",\"sourceIdentifier\":\"cvd@cert.pl\",\"published\":\"2024-12-04T12:15:18.463\",\"lastModified\":\"2024-12-04T12:15:18.463\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Infinix devices contain a pre-loaded \\\"com.transsion.agingfunction\\\" application, that\u00a0exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions.\u00a0\\n\\nAfter multiple attempts to contact the vendor we did not receive any answer. We suppose this issue affects all Infinix Mobile devices.\"},{\"lang\":\"es\",\"value\":\"Los dispositivos Infinix contienen una aplicaci\u00f3n \\\"com.transsion.agingfunction\\\" precargada que expone un receptor de transmisi\u00f3n no seguro. Un atacante puede comunicarse con el receptor y forzar al dispositivo a realizar un restablecimiento de f\u00e1brica sin ning\u00fan permiso del sistema Android. Despu\u00e9s de varios intentos de contactar al proveedor, no recibimos ninguna respuesta. 
Suponemos que este problema afecta a todos los dispositivos m\u00f3viles Infinix.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cvd@cert.pl\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:X/R:I/V:D/RE:X/U:Amber\",\"baseScore\":9.4,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NEGLIGIBLE\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"IRRECOVERABLE\",\"valueDensity\":\"DIFFUSE\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"AMBER\"}}]},\"weaknesses\":[{\"source\":\"cvd@cert.pl\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-925\"}]}],\"references\":[{\"url\":\"https://cert.pl/en/posts/2024/12/CVE-2024-10576/\",\"source\":\"cvd@cert.pl\"},{\"url\":\"https://cert.pl/posts/2024/12/CVE-2024-10576/\",
\"source\":\"cvd@cert.pl\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-10576\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-04T19:48:36.525706Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:infinix_mobile:com.transmission.agingfunction:13:*:*:*:*:*:*:*\"], \"vendor\": \"infinix_mobile\", \"product\": \"com.transmission.agingfunction\", \"versions\": [{\"status\": \"affected\", \"version\": \"13\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-04T20:04:28.995Z\"}}], \"cna\": {\"title\": \"Unauthorized factory reset of Infinix devices\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Szymon Chadam\"}], \"impacts\": [{\"capecId\": \"CAPEC-166\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-166 Force the System to Reset Values\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NEGLIGIBLE\", \"version\": \"4.0\", \"Recovery\": \"IRRECOVERABLE\", \"baseScore\": 9.4, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/R:I/V:D/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": 
[{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Infinix Mobile\", \"product\": \"com.transsion.agingfunction\", \"versions\": [{\"status\": \"affected\", \"version\": \"13\"}], \"platforms\": [\"Android\"], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://cert.pl/en/posts/2024/12/CVE-2024-10576/\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://cert.pl/posts/2024/12/CVE-2024-10576/\", \"tags\": [\"third-party-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Infinix devices contain a pre-loaded \\\"com.transsion.agingfunction\\\" application, that\\u00a0exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions.\\u00a0\\n\\nAfter multiple attempts to contact the vendor we did not receive any answer. We suppose this issue affects all Infinix Mobile devices.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Infinix devices contain a pre-loaded \\\"com.transsion.agingfunction\\\" application, that\u0026nbsp;exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions.\u0026nbsp;\u003cbr\u003e\u003cbr\u003eAfter multiple attempts to contact the vendor we did not receive any answer. We suppose this issue affects all Infinix Mobile devices.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-925\", \"description\": \"CWE-925 Improper Verification of Intent by Broadcast Receiver\"}]}], \"providerMetadata\": {\"orgId\": \"4bb8329e-dd38-46c1-aafb-9bf32bcb93c6\", \"shortName\": \"CERT-PL\", \"dateUpdated\": \"2024-12-04T12:02:54.241Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-10576\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-04T21:01:06.241Z\", \"dateReserved\": \"2024-10-31T10:16:21.663Z\", \"assignerOrgId\": \"4bb8329e-dd38-46c1-aafb-9bf32bcb93c6\", \"datePublished\": \"2024-12-04T12:02:22.601Z\", \"assignerShortName\": \"CERT-PL\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.