Authentication Bypass Vulnerability in Norton App Lock by Symantec
CVE-2017-15534

6.7MEDIUM

Key Information:

Vendor: Symantec Corporation
Status: Norton App Lock
Vendor: CVE Published:; 26 March 2018

🔔 Create Symantec Corporation Vulnerability Alert

What is CVE-2017-15534?

The Norton App Lock application, designed to secure mobile devices, has a vulnerability that permits an authentication bypass. Users can exploit this flaw by terminating the app, which disables its locking functionality. Consequently, this allows unauthorized individuals to gain access to the device without proper authentication. It is crucial for users of Norton App Lock to update to version 1.3.0.13 or later to mitigate this risk.

Affected Version(s)

Norton App Lock Prior to version 1.3.0.13

References

https://www.symantec.com/security_response/securityupdate...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/103377

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2018
Vulnerability Reserved
Oct 17, 2017