Описание
A vulnerability was found in the MIUI OS version 10.1.3.0 that allows a physically proximate attacker to bypass Lockscreen based authentication via the Wallpaper Carousel application to obtain sensitive Clipboard data and the user's stored credentials (partially). This occurs because of paste access to a social media login page.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:miui:miui:10.1.3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00086
Низкий
6.8 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
A vulnerability was found in the MIUI OS version 10.1.3.0 that allows a physically proximate attacker to bypass Lockscreen based authentication via the Wallpaper Carousel application to obtain sensitive Clipboard data and the user's stored credentials (partially). This occurs because of paste access to a social media login page.
EPSS
Процентиль: 25%
0.00086
Низкий
6.8 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-287