CVE-2024-38272 Information

Description

There exists a vulnerability in Quickshare/Nearby where an attacker can bypass the accept file dialog on QuickShare Windows. Normally in QuickShare Windows app we can’t send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode. We recommend upgrading to version 1.0.1724.0 of Quickshare or above

Reference

https://github.com/google/nearby/pull/2589 https://github.com/google/nearby/pull/2402