| |
Vulnerability CVE-2020-0943
Published: 2020-04-15
| Description: |
An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow an unauthenticated attacker to view notifications, aka 'Microsoft YourPhone Application for Android Authentication Bypass Vulnerability'. |
Type:
CWE-287 (Improper Authentication)
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
2.1/10 |
2.9/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0943
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
