Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.
History

Fri, 06 Dec 2024 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-06-20T19:38:42.467Z

Updated: 2024-12-06T21:34:38.813Z

Reserved: 2023-05-25T19:20:22.591Z

Link: CVE-2023-32274

cve-icon Vulnrichment

Updated: 2024-08-02T15:10:24.324Z

cve-icon NVD

Status : Modified

Published: 2023-06-20T20:15:09.413

Modified: 2024-11-21T08:03:01.410

Link: CVE-2023-32274

cve-icon Redhat

No data.