Full Report
Path Traversal vulnerability (CVE-2024-11136) has been found in TCL Camera software.
Analysis Summary
# Vulnerability: Path Traversal in TCL Camera Software Allows Arbitrary File Deletion
## CVE Details
- CVE ID: CVE-2024-11136
- CVSS Score: Not provided in the source text. Severity therefore cannot be definitively assessed, but a path traversal that leads to arbitrary file deletion suggests High severity.
- CWE: CWE-35 (Path Traversal)
## Affected Systems
- Products: TCL Camera software
- Versions: v6.00.04.0067.3.0 (Specific tested version; vendor suggests it may affect all versions)
- Configurations: Default TCL Camera application configuration.
## Vulnerability Description
The default TCL Camera application exposes a content provider that is vulnerable to a Path Traversal attack. An attacker controlling another application on the system can supply a maliciously crafted URI path to this provider. This vulnerability allows the attacker to delete arbitrary files located on the user’s external storage.
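The pattern described above, as an added illustration that is not TCL's code and not taken from the CERT.PL advisory: a minimal Android content provider whose `delete()` resolves a caller-supplied URI path against a directory on external storage. The class name, the `ExampleCamera` directory and the helper method names are assumptions. The first method shows the unsafe join that lets `..` segments escape the intended directory; the second canonicalises both paths and refuses any target outside it before touching the file system.

```java
import android.content.ContentProvider;
import android.content.ContentValues;
import android.database.Cursor;
import android.net.Uri;
import android.os.Environment;

import java.io.File;
import java.io.IOException;

// Added example (not TCL's source): a file-backed content provider whose
// delete() must confine caller-supplied paths to one directory.
public class ExampleFileProvider extends ContentProvider {

    // Assumption: this provider only manages files under this directory.
    private File baseDir() {
        return new File(Environment.getExternalStorageDirectory(), "ExampleCamera");
    }

    // UNSAFE pattern: the URI path is joined to the base directory as-is.
    // A path containing ".." segments resolves outside baseDir(), which is
    // the class of bug the advisory describes. Kept only for contrast.
    private int deleteUnchecked(Uri uri) {
        File target = new File(baseDir(), uri.getPath());
        return target.delete() ? 1 : 0;
    }

    // HARDENED: canonicalise both the base directory and the target (this
    // resolves ".." and symlinks), then require the target to sit strictly
    // inside the base directory. Anything else is rejected before deletion.
    private int deleteConfined(Uri uri) {
        String rawPath = uri.getPath();
        if (rawPath == null) {
            throw new IllegalArgumentException("URI has no path: " + uri);
        }
        try {
            File base = baseDir().getCanonicalFile();
            File target = new File(base, rawPath).getCanonicalFile();
            // Trailing separator prevents "/ExampleCamera2" matching "/ExampleCamera".
            String allowedPrefix = base.getPath() + File.separator;
            if (!target.getPath().startsWith(allowedPrefix)) {
                throw new SecurityException("path escapes provider directory: " + uri);
            }
            return target.delete() ? 1 : 0;
        } catch (IOException e) {
            throw new SecurityException("cannot resolve path: " + uri, e);
        }
    }

    @Override
    public int delete(Uri uri, String selection, String[] selectionArgs) {
        return deleteConfined(uri);
    }

    // Remaining ContentProvider methods are stubs; they are not part of the example.
    @Override public boolean onCreate() { return true; }
    @Override public Cursor query(Uri uri, String[] projection, String selection,
                                  String[] selectionArgs, String sortOrder) { return null; }
    @Override public String getType(Uri uri) { return null; }
    @Override public Uri insert(Uri uri, ContentValues values) { return null; }
    @Override public int update(Uri uri, ContentValues values, String selection,
                                String[] selectionArgs) { return 0; }
}
```

The path check addresses the traversal itself; because the attacker in this advisory is another application on the same device, the provider should additionally not be reachable by arbitrary apps at all, which on Android means declaring it in the manifest with `android:exported="false"` or protecting it with a signature-level permission.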
## Exploitation
- Status: Not explicitly stated as exploited in the wild, but PoC feasibility is implied by the existence of the report.
- Complexity: Likely Low, as triggering the flaw only requires calling the exposed content provider with a crafted URI.
- Attack Vector: Local (Requires access to another application environment on the same device).
## Impact
- Confidentiality: Potentially Moderate (If configuration or sensitive user data is stored as files on external storage that could be inadvertently deleted).
- Integrity: High (Arbitrary file deletion on external storage).
- Availability: High (Service disruption or data loss due to file deletion).
## Remediation
### Patches
- No specific patched version was provided in the advisory, as the vendor did not respond to disclosure attempts.
### Workarounds
- Temporary mitigations are not specified in the provided summary, given the lack of vendor response. Users should restrict permissions for the TCL Camera application where possible, though this offers limited protection because the flaw is triggered through inter-application calls to the provider rather than through the camera application's own permissions.
## Detection
- Indicators of compromise: Unexpected loss of user files stored on external storage associated with device activity.
- Detection methods and tools: Standard file system monitoring for deletion events originating from the TCL Camera application process interacting with external storage paths.
## References
- Vendor advisories: None publicly available due to non-response.
- Relevant links (defanged):
  - Source Article: hxxps://cert.pl/en/news/publikacje/vulnerability-in-tcl-camera-software
  - CVD Process: hxxps://cert.pl/en/cvd/