Privilege Escalation Vulnerability in Norton Identity Safe Software by Symantec
CVE-2018-12240
5.9MEDIUM
What is CVE-2018-12240?
Norton Identity Safe prior to version 5.3.0.976 has a privilege escalation vulnerability that arises from the use of a hard-coded initialization vector (IV). This flaw can allow unauthorized access to encrypted data, potentially enabling an attacker to recover sensitive information without possessing the required credentials, thus undermining user data security. Organizations utilizing affected versions are advised to upgrade to mitigate this risk.
Affected Version(s)
Norton Identity Safe for Android Prior to 5.3.0.976