CVE-2021-43171

EPSS 0.3%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

22 Aug 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Improper verification of applications' cryptographic signatures in the /e/OS app store client App Lounge before 0.19q allows attackers in control of the application server to install malicious applications on user's systems by altering the server's API response.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gitlab.e.foundation/e/os/releases/-/releases/v0.19-q#sparkles-we-embedded-other-improvements https://nervuri.net/e/apps