CVE-2020-0654
Last modified
CVE-2020-0654 is a critical-severity vulnerability rated 9.1/10 on the CVSS scale. A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint requirements of the App.The security update addresses the vulnerability by correcting the way Microsoft OneDrive App for Android handles sharing links., aka 'Microsoft OneDrive for Android Security Feature Bypass Vulnerability'.. EPSS estimates a 3.48% chance of exploitation in the next 30 days.
Description
A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint requirements of the App.The security update addresses the vulnerability by correcting the way Microsoft OneDrive App for Android handles sharing links., aka 'Microsoft OneDrive for Android Security Feature Bypass Vulnerability'.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Onedrive | All versions |
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0654Patch, Vendor Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0654Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-0654?
How severe is CVE-2020-0654?
How do I fix CVE-2020-0654?
Are you affected by CVE-2020-0654?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST