CVE-2024-38272
7.1 High
CVSS4
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:N/VC:H/SC:H/VI:L/SI:L/VA:L/SA:L
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
There exists a vulnerability in Quickshare/Nearby where an attacker can bypass the accept file dialog on QuickShare Windows.Β Normally in QuickShare Windows app we canβt send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode.Β We recommend upgrading to version 1.0.1724.0 of Quickshare or above
Affected configurations
CNA Affected
[
{
"collectionURL": "https://github.com/google/nearby",
"defaultStatus": "unaffected",
"product": "Nearby",
"repo": "https://github.com/google/nearby",
"vendor": "Google",
"versions": [
{
"lessThan": "1.0.1724.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
7.1 High
CVSS4
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:N/VC:H/SC:H/VI:L/SI:L/VA:L/SA:L
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%