Privilege Escalation Vulnerability in OwnCloud Android App by OwnCloud
CVE-2024-50657

Currently unrated

Key Information:

Vendor: OwnCloud
Status: OwnCloud Android App
Vendor: CVE Published:; 22 November 2024

What is CVE-2024-50657?

A vulnerability in the OwnCloud Android application version 4.3.1 enables a physically proximate attacker to escalate their privileges. This occurs through the PassCodeViewModel class, specifically in the checkPassCodeIsValid method, potentially allowing unauthorized access to sensitive data or functionality. Users are advised to update their applications and apply best security practices to mitigate the risk.

References

https://drive.google.com/drive/folders/1C-ZYjYhmKRGvWs9YN...

https://github.com/SAHALLL/CVE-2024-50657

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 22, 2024