Task Hijacking Vulnerability in F5 Access for Android
CVE-2022-27875

5.5MEDIUM

Key Information:

Vendor: F5
Status: F5 Access For Android
Vendor: CVE Published:; 5 May 2022

Summary

A task hijacking vulnerability exists in the F5 Access for Android application prior to version 3.0.8, allowing attackers illicit access to sensitive user data. This flaw could be exploited to compromise user credentials and sensitive information, posing significant risks to individuals and organizations relying on this application. Users are encouraged to update to the latest version to mitigate this vulnerability.

Affected Version(s)

F5 Access for Android 3.x < 3.0.8

References

https://support.f5.com/csp/article/K40019131

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 5, 2022
Vulnerability Reserved
Apr 19, 2022

Credit

F5 acknowledges Sheikh Rishad for bringing this issue to our attention and following the highest standards of coordinated disclosure.