Security Feature Bypass in Windows 10 Mobile by Microsoft
CVE-2019-1314

6.8MEDIUM

Key Information:

Vendor: Microsoft
Status: Windows 10 Mobile
Vendor: CVE Published:; 10 October 2019

What is CVE-2019-1314?

A security feature bypass vulnerability occurs in Windows 10 Mobile when Cortana permits users to access files and folders directly from the locked screen. This flaw potentially allows unauthorized access to sensitive data without proper authentication, posing a significant risk to user privacy and data integrity. It's crucial for users to be aware of this vulnerability and implement necessary security measures.

Affected Version(s)

Windows 10 Mobile = unspecified

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2019
Vulnerability Reserved
Nov 26, 2018