Brute Force Vulnerability in Click Studios Passwordstate
CVE-2020-27747

6.8MEDIUM

Key Information:

Vendor: Clickstudios
Status: Passwordstate
Vendor: CVE Published:; 29 October 2020

🔔 Create Clickstudios Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2020-27747?

A security vulnerability in Click Studios' Passwordstate version 8.9 (Build 8973) allows attackers to exploit a user-assigned PIN code for mobile access. By employing a brute force method, an unauthorized user can potentially gain access to sensitive credentials stored in the affected account. This poses a significant threat as it compromises all passwords connected to the account, making it crucial for users to review their security practices and update to the latest version.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2020-27747
Created by jet-pentest

References

https://www.clickstudios.com.au/

x_refsource_MISC

https://github.com/jet-pentest/CVE-2020-27747

x_refsource_MISC

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Oct 29, 2020
👾
Exploit known to exist
Oct 29, 2020
Vulnerability published
Oct 29, 2020
Vulnerability Reserved
Oct 27, 2020

JSON

Clickstudios

Badges

What is CVE-2020-27747?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Exploit Proof of Concept (PoC)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.