Unrated severityNVD Advisory· Published Feb 15, 2024· Updated Mar 13, 2025
Hard-coded credentials in iZZi connect application
CVE-2024-0390
Description
INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same MQTT queue is used by corresponding physical recuperation devices. Exploiting this vulnerability could potentially allow unauthorized access to manage and read parameters of the recuperation unit "reQnet iZZi".This issue affects "iZZi connect" application versions before 2024010401.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<2024010401+ 1 more
- (no CPE)range: <2024010401
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
2- cert.pl/en/posts/2024/02/CVE-2024-0390/mitrethird-party-advisory
- cert.pl/posts/2024/02/CVE-2024-0390/mitrethird-party-advisory
News mentions
0No linked articles in our index yet.