CVE-2022-1716

Опубликовано: 02 июн. 2022

Источник: nvd

CVSS3: 4.6

CVSS2: 2.1

EPSS Низкий

Описание

Keep My Notes v1.80.147 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation.

Ссылки

http://www.kitetech.co/keepmynotes
Product
Vendor Advisory
https://fluidattacks.com/advisories/tyler/
Exploit
Third Party Advisory
http://www.kitetech.co/keepmynotes
Product
Vendor Advisory
https://fluidattacks.com/advisories/tyler/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kitetech:keep_my_notes:1.80.147:*:*:*:*:android:*:*

EPSS

Процентиль: 20%

0.00063

Низкий

4.6 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-c93x-56c5-pf53