7.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.0%
In net.MCrypt in the βDiary with lockβ (aka WriteDiary) application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries.
1337sec.blogspot.de/2017/10/auditing-writediarycom-cve-2017-15581.html
gist.github.com/anonymous/603b89f864a71426042b167cab557efa