← back
CVE-2018-13042

CVE-2018-13042

EPSS 7.9%
The 1Password application 6.8 for Android is affected by a Denial Of Service vulnerability. By starting the activity com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity or com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity from an external application (since they are exported), it is possible to crash the 1Password instance.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/46165/unverifiedexploitdbwww.exploit-db.com/exploits/46165unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://app-updates.agilebits.com/product_history/OPA4https://www.exploit-db.com/exploits/46165/https://www.valbrux.it/blog/2019/01/22/cve-2018-13042-1password-android-7-0-denial-of-service/