← voltar
CVE-2022-1955

CVE-2022-1955

EPSS 0.4%
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation.
Produtos afetados
n/a · Session

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://fluidattacks.com/advisories/tempest/https://github.com/oxen-io/session-androidhttps://github.com/oxen-io/session-android/pull/897