CVE-2024-1662

Missing Authentication for Critical Function, Missing Authorization vulnerability in PORTY Smart Tech Technology Joint Stock Company PowerBank Application allows Retrieve Embedded Sensitive Data.This issue affects PowerBank Application: before 2.02.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.usom.gov.tr/bildirim/tr-24-0602	Third Party Advisory
https://www.usom.gov.tr/bildirim/tr-24-0602	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:porty:powerbank:*:*:*:*:*:*:*:*

History

14 Oct 2025, 13:15

Type	Values Removed	Values Added
CWE	~~CWE-200~~	CWE-306 CWE-862
Summary	(en) Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PORTY Smart Tech Technology Joint Stock Company PowerBank Application allows Retrieve Embedded Sensitive Data.This issue affects PowerBank Application: before 2.02.	(en) Missing Authentication for Critical Function, Missing Authorization vulnerability in PORTY Smart Tech Technology Joint Stock Company PowerBank Application allows Retrieve Embedded Sensitive Data.This issue affects PowerBank Application: before 2.02.

12 Sep 2025, 07:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.2~~	v2 : unknown v3 : 7.5

Information

Published : 2024-06-05 12:15

Updated : 2025-10-14 13:15

NVD link : CVE-2024-1662

Mitre link : CVE-2024-1662

CVE.ORG link : CVE-2024-1662

JSON object : View

Products Affected

porty

powerbank

CWE

CWE-306

Missing Authentication for Critical Function

CWE-862

Missing Authorization

NVD-CWE-noinfo

{"id": "CVE-2024-1662", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "iletisim@usom.gov.tr", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-06-05T12:15:10.213", "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-24-0602", "tags": ["Third Party Advisory"], "source": "iletisim@usom.gov.tr"}, {"url": "https://www.usom.gov.tr/bildirim/tr-24-0602", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "iletisim@usom.gov.tr", "description": [{"lang": "en", "value": "CWE-306"}, {"lang": "en", "value": "CWE-862"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Missing Authentication for Critical Function, Missing Authorization vulnerability in PORTY Smart Tech Technology Joint Stock Company PowerBank Application allows Retrieve Embedded Sensitive Data.This issue affects PowerBank Application: before 2.02."}, {"lang": "es", "value": "Exposici\u00f3n de informaci\u00f3n confidencial a una vulnerabilidad de actor no autorizado en la aplicaci\u00f3n PowerBank de la sociedad an\u00f3nima PORTY Smart Tech Technology permite recuperar datos confidenciales incrustados. Este problema afecta la aplicaci\u00f3n PowerBank: antes de 2.02."}], "lastModified": "2025-10-14T13:15:34.510", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:porty:powerbank:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1AA3CA3-6C96-4619-8691-F6BD65B7FCD8", "versionEndExcluding": "2.02"}], "operator": "OR"}]}], "sourceIdentifier": "iletisim@usom.gov.tr"}