Vulnerabilities > CVE-2024-40239 - Unspecified vulnerability in Hitbytes Life 17.5.0

CVSS 6.8 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

hitbytes

NVD

Published: 2024-11-08

Updated: 2024-11-13

Summary

An incorrect access control issue in Life: Personal Diary, Journal android app 17.5.0 allows a physically proximate attacker to escalate privileges via the fingerprint authentication function.

Vulnerable Configurations

Part	Description	Count
Application	Hitbytes Hitbytes Life 17.5.0	1

References

https://play.google.com/store/apps/details?id=com.hitbytes.minidiarynotes
https://zzzxiin.github.io/post/life-personal-diary/