First published: Thu Mar 03 2022(Updated: )
The biometric lock in Devolutions Password Hub for iOS before 2021.3.4 allows attackers to access the application because of authentication bypass. An attacker must rapidly make failed biometric authentication attempts.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Password Hub | <2021.3.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-23849 is a vulnerability in the biometric lock in Devolutions Password Hub for iOS before 2021.3.4 that allows attackers to access the application due to authentication bypass.
An attacker can exploit CVE-2022-23849 by rapidly making failed biometric authentication attempts to bypass the biometric lock in Devolutions Password Hub for iOS.
CVE-2022-23849 has a severity value of 6.6, which is considered medium severity.
Devolutions Password Hub for iOS before version 2021.3.4 is affected by CVE-2022-23849.
To fix CVE-2022-23849, it is recommended to update Devolutions Password Hub for iOS to version 2021.3.4 or later.