Cyber Resilience

CVE-2024-41955

Severity: Medium · Public PoC

Published: 31 July 2024
Modified: 15 August 2024
KEV Added: not listed
Patch: MobSF v4.0.5
CVSS v3.1 Score: 5.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:N)
EPSS Score: 0.1480 (94.7th percentile)
Risk Priority: 19 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-41955 is a medium-severity Open Redirect (CWE-601) vulnerability in Opensecurity Mobile Security Framework. Its CVSS base score is 5.2 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Spearphishing Link (T1566.002). The CVE is ranked in the top 5.3% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

Mobile Security Framework (MobSF) contains an open redirect vulnerability (CWE-601) in its authentication view. The flaw affects the open-source mobile application analysis platform used for Android, iOS, and Windows Mobile testing and is tracked as CVE-2024-41955 with a CVSS 3.1 score of 5.2.

An attacker with high privileges who can influence the authentication flow may supply a crafted redirect URL. When a victim user follows the malicious link, the browser is sent to an attacker-controlled site after authentication. The CVSS vector rates the confidentiality impact as limited and the integrity impact as high, reflecting follow-on phishing or session manipulation.

The project’s security advisory and associated commit recommend immediate upgrade to MobSF version 4.0.5, which contains the fix for the redirect logic. The EPSS score has remained essentially flat near 0.15 with no material post-disclosure increase.

Vulnerability details

Mobile Security Framework (MobSF) is a security research platform for mobile applications on Android, iOS and Windows Mobile. An open redirect vulnerability exists in the MobSF authentication view. Update to MobSF v4.0.5.

CWE(s)

CWE-601 Open Redirect

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-derived)

T1566.002 Spearphishing Link (Initial Access)
Adversaries may send spearphishing emails with a malicious link in an attempt to gain access to victim systems.

Why these techniques?

The open redirect vulnerability in the MobSF login authentication view (the ?next parameter) allows an attacker to craft phishing links that appear to point to the legitimate MobSF site but, once the user has entered credentials, redirect them to an arbitrary external malicious site. That is the pattern behind spearphishing-link attacks.

Affected Assets

Vendor: opensecurity
Product: mobile security framework
Versions: ≤ 4.0.5

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

- Security awareness: verifying URLs and avoiding untrusted redirects that lead to malicious sites (addresses CWE-601).
- Redirect validation: validates redirect targets and URLs to ensure they conform to allowed destinations (addresses CWE-601).
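The second control above, validating a post-login redirect target such as a `?next` parameter against an allow-list, is shown below as an added example. This is not MobSF's own code or its fix; the host names (`mobsf.example`, `evil.example`) and the default landing path are constructed for the example. It accepts only same-site relative paths or absolute http(s) URLs whose host is on the allow-list, and rejects the scheme-relative (`//host`), backslash and non-http scheme forms that commonly slip past naive "starts with /" checks.

```python
"""Allow-list validation for a post-login redirect target (constructed example).

Not MobSF code. Demonstrates the CWE-601 mitigation "validate redirect
targets against allowed destinations" for a Django-style ?next parameter.
"""
from urllib.parse import urlsplit

# Assumed fallback when the supplied target is rejected.
DEFAULT_LANDING = "/"


def is_safe_redirect(target: str, allowed_hosts: set[str], require_https: bool = False) -> bool:
    """Return True only if `target` is a same-site relative path or an
    absolute http(s) URL whose host is in `allowed_hosts`."""
    if not target:
        return False

    # Browsers treat backslashes like forward slashes in several positions,
    # so normalise first; otherwise '/\\evil.example' parses as a local path
    # here but navigates to evil.example in the browser.
    target = target.replace("\\", "/")

    # Whitespace and control characters only serve to confuse parsers.
    if any(ch.isspace() or ord(ch) < 32 for ch in target):
        return False

    parts = urlsplit(target)

    if not parts.netloc:
        # Relative reference: must be a single leading '/' path. Anything
        # starting with '//' (including '///') is authority-bearing in
        # browsers even though urlsplit may not see a netloc.
        if parts.scheme:
            return False  # e.g. javascript:, data:, mailto:
        return target.startswith("/") and not target.startswith("//")

    # Absolute URL: require an explicit http/https scheme so that
    # scheme-relative '//evil.example' is rejected outright.
    if parts.scheme not in ("http", "https"):
        return False
    if require_https and parts.scheme != "https":
        return False

    # urlsplit().hostname strips userinfo and port and lowercases, so
    # 'http://mobsf.example@evil.example/' resolves to evil.example.
    host = parts.hostname
    return host is not None and host in {h.lower() for h in allowed_hosts}


def resolve_redirect(target: str, allowed_hosts: set[str], default: str = DEFAULT_LANDING) -> str:
    """The value a login view should actually redirect to."""
    return target if is_safe_redirect(target, allowed_hosts) else default


if __name__ == "__main__":
    hosts = {"mobsf.example"}
    for candidate in ["/dashboard", "//evil.example", "/\\evil.example",
                      "https://mobsf.example/home", "https://evil.example/"]:
        print(f"{candidate!r:35} -> {resolve_redirect(candidate, hosts)!r}")
```

In a login view the pattern is `return redirect(resolve_redirect(request.GET.get("next", ""), allowed_hosts))`; the important property is that the allow-list comparison is on the parsed host, never on a string prefix of the raw parameter.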
