Bypass Exploit in Norton App Lock Affects Symantec's Mobile Security
CVE-2018-5242

6.2MEDIUM

Key Information:

Vendor: Symantec Corporation
Status: Norton App Lock
Vendor: CVE Published:; 13 June 2018

Summary

The Norton App Lock application, prior to version 1.3.0.329, is exposed to a bypass exploit that allows unauthorized access to the device by evading the security measures intended to lock applications. This vulnerability could lead to significant privacy risks, as it permits users to circumvent the app's locking mechanism, ultimately granting access to sensitive information stored on the device. Addressing this issue is crucial to maintaining the security integrity of users' mobile devices.

Affected Version(s)

Norton App Lock Prior to version 1.3.0.329

References

http://www.securityfocus.com/bid/104414

vdb-entryx_refsource_BID

https://support.symantec.com/en_US/article.SYMSA1453.html

x_refsource_CONFIRM

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 13, 2018
Vulnerability Reserved
Jan 5, 2018