2 matches found
CVE-2018-17403
The PhonePe wallet aka com.PhonePe.app application 3.0.6 through 3.3.26 for Android might allow attackers to impersonate a user and set up their account without their knowledge. NOTE: the vendor says that, to exploit this, the user has to explicitly install a malicious app and provide accessibili...
CVE-2018-17403
PhonePe wallet (com.PhonePe.app) on Android, versions 3.0.6–3.3.26, is vulnerable to user impersonation and unauthorized account setup via a malicious app that users must explicitly install and grant Accessibility permission to. This capability relies on the Android Accessibility framework and is...