Environment Variable Manipulation in NoMachine App for Android by NoMachine
CVE-2018-0664

9.8CRITICAL

Key Information:

Vendor: Nomachine S.a R.l.
Status: Nomachine App For Android
Vendor: CVE Published:; 4 September 2018

🔔 Create Nomachine S.a R.l. Vulnerability Alert

What is CVE-2018-0664?

A vulnerability in the NoMachine App for Android versions 5.0.63 and earlier allows attackers to exploit unspecified vectors to manipulate environment variables. This manipulation could lead to unauthorized access or further exploitation of the application, making it crucial for users to update to the latest version to mitigate potential risks.

Affected Version(s)

NoMachine App for Android 5.0.63 and earlier

References

https://www.nomachine.com/TR06P08619

x_refsource_CONFIRM

http://jvn.jp/en/jp/JVN14451678/index.html

third-party-advisoryx_refsource_JVN

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 4, 2018
Vulnerability Reserved
Nov 27, 2017

CVE-2018-0664 Data

JSON