The Open Whisper Signal app before 2.23.2 for iOS allows physically proximate attackers to bypass the screen locker feature via certain rapid sequences of actions that include app opening, clicking on cancel, and using the home button.
References
Link | Resource |
---|---|
http://nint.en.do/Signal-Bypass-Screen-locker.php | Broken Link Third Party Advisory |
https://github.com/signalapp/Signal-iOS/commit/018a35df7b42b4941cb4dfc9f462b37c3fafd9e9 | Patch Third Party Advisory |
https://github.com/signalapp/Signal-iOS/commits/release/2.23.2 | Issue Tracking Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-04-10T05:00:00
Updated: 2018-04-10T04:57:01
Reserved: 2018-04-07T00:00:00
Link: CVE-2018-9840
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-04-10T05:29:00.207
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-9840
JSON object: View
Redhat Information
No data.
CWE