← back
CVE-2018-16179

CVE-2018-16179

EPSS 0.5%
The Mizuho Direct App for Android version 3.13.0 and earlier does not verify server certificates, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Affected products
Mizuho Bank, Ltd. · Mizuho Direct App for Android

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/vu/JVNVU91640357/index.htmlhttps://play.google.com/store/apps/details?id=jp.co.mizuhobank.banking