CVE-2018-12271
Affected software: com.getdropbox.Dropbox app for iOS, version 100.2. Root cause: The LAContext Biometric (TouchID) validation can be bypassed by overriding the LAContext return value to true because kSecAccessControlUserPresence is not used. This enables authentication with an arbitrary fingerpr...