Authentication Bypass in RoboForm Password Manager for Android
CVE-2025-26700

5.2MEDIUM

Key Information:

Vendor: Siber Systems, Inc.
Status: Roboform Password Manager
Vendor: CVE Published:; 17 February 2025

🔔 Create Siber Systems, Inc. Vulnerability Alert

What is CVE-2025-26700?

A vulnerability exists in RoboForm Password Manager for Android, allowing an attacker who gains access to a device with the app installed to bypass the lock screen. This potentially exposes sensitive user information, as it enables unauthorized access to the app’s functionalities and stored credentials. Users are encouraged to update to the latest version (9.7.4 or later) to mitigate this risk.

Affected Version(s)

RoboForm Password Manager prior to 9.7.4

References

https://www.roboform.com/news-android

https://jvn.jp/en/vu/JVNVU92071645/

CVSS V3.0

Score:

5.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2025
Vulnerability Reserved
Feb 14, 2025