iPhone users targeted in phone AND data theft campaign

When is an iPhone theft not just an iPhone theft? When the user's Apple ID and more, goes with it. That's what the Wall Street Journal reports has been happening over recent months. The paper interviewed a handful of people who fell victim to old-school phone theft while out in a bar. But it wasn...

CVE-2023-20857

VMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with access to a users rooted device, may be able to bypass the VMware Workspace ONE Content passcode...

CVE-2023-20857

VMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with access to a users rooted device, may be able to bypass the VMware Workspace ONE Content passcode...

CVE-2023-20857

CVE-2023-20857 relates to a passcode bypass vulnerability in VMware Workspace ONE Content. Connected sources confirm the issue affects the Workspace ONE Content component and could allow bypassing the device passcode when the attacker has access to a rooted device. The primary public advisories d...

VMware Workspace ONE Content update addresses a passcode bypass vulnerability (CVE-2023-20857)

3. Passcode bypass vulnerability CVE-2023-20857 VMware Workspace ONE Content contains a passcode bypass vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.3...

K6701: Possible logon through native RSA SecurID authentication without valid passcode

Security Advisory Description Important: Only customers using native RSA SecurID authentication are affected by this issue. No other forms of authentication, including authentication of SecurID using the RADIUS protocol non-native SecurID authentication are affected by this issue. Note : Versions...

Nextcloud: Full Passcode bypass on Nextcloud App iOS

Vulnerability description not provided...

CVE-2023-22473

Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode bypass, an attacker is able to access the user's Nextcloud files and view conversations. To exploit this the attacker needs to have physical access to the target's device. There are currently no...

Code injection

Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode bypass, an attacker is able to access the user's Nextcloud files and view conversations. To exploit this the attacker needs to have physical access to the target's device. There are currently no...

CVE-2023-22473 Passcode bypass on Talk-Android app

Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode bypass, an attacker is able to access the user's Nextcloud files and view conversations. To exploit this the attacker needs to have physical access to the target's device. There are currently no...

CVE-2023-22473

CVE-2023-22473 affects the Nextcloud Talk Android app. The vulnerability is a passcode bypass that allows access to a user’s Nextcloud files and conversations when an attacker has physical access to the target device. The root cause is exposed by the described bypass in Talk Android, enabling exp...

CVE-2023-22473 Passcode bypass on Talk-Android app

Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode bypass, an attacker is able to access the user's Nextcloud files and view conversations. To exploit this the attacker needs to have physical access to the target's device. There are currently no...

CVE-2023-22473 Passcode bypass on Talk-Android app

Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode bypass, an attacker is able to access the user's Nextcloud files and view conversations. To exploit this the attacker needs to have physical access to the target's device. There are currently no...

Passcode bypass on Talk Android app

None...

PT-2023-18525 · Nextcloud · Nextcloud Talk Android

Name of the Vulnerable Software and Affected Versions: Nextcloud Talk Android app versions prior to 15.0.2 Description: The issue allows an attacker to bypass the passcode, gaining access to the user's Nextcloud files and conversations. This can be exploited with physical access to the target...

Nextcloud: Passcode bypass on Talk Android app

Summary: It is possible to bypass the passcode protection in nextcloud android talk by clicking the notification of a message. Talk App Android version: 15.0.2 RC1 Steps To Reproduce: 1. Create two users 1. Using User A login it to the web interface while User B on Talk App Android 1. Using User ...

CVE-2022-40297

UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated...

Design/Logic Flaw

DISPUTED UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as...

CVE-2022-40297

UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated...

CVE-2022-40297

UBports Ubuntu Touch 16.04 is affected by CVE-2022-40297 where the screen-unlock 4-digit passcode is usable as the sudo password, enabling privilege escalation to a privileged shell. The root cause described across sources is that a four-digit screen unlock code can be exploited to gain root via ...