Low severity3.9NVD Advisory· Published Jun 25, 2024· Updated Apr 15, 2026

CVE-2024-6295

Description

udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by udn.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.twcert.org.tw/en/cp-139-7895-80dac-2.htmlnvd
www.twcert.org.tw/tw/cp-132-7894-aebd8-1.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.254
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000