2 matches found
CVE-2016-3917
CVE-2016-3917 affects Android fingerprint login on 6.0.1 and 7.0 before 2016-10-01. The root cause is that the fingerprint authentication process does not track the active user, allowing a physically proximate attacker with lockscreen access to authenticate as another user. Exploitation is local;...
CVE-2016-3917
The fingerprint login feature in Android 6.0.1 before 2016-10-01 and 7.0 before 2016-10-01 does not track the user account during the authentication process, which allows physically proximate attackers to authenticate as an arbitrary user by leveraging lockscreen access, aka internal bug 30744668...