CVE-2020-1908

Published at:
2020-11-03T20:15:12.330
Source: [email protected]

Global infos:

Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked.

CVE Status: Modified

References:

  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorPHYSICAL
    Availability ImpactNONE
    Base Score4.6
    Base SeverityMEDIUM
    Confidentiality ImpactNONE
    Integrity ImpactHIGH
    Privileges RequiredNONE
    ScopeUNCHANGED
    User InteractionNONE
    Vector StringCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
    Exploitability Score0.9
    Impact Score3.6
    Source[email protected]
    TypePrimary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords