CVE-2020-0943
Last modified
CVE-2020-0943 is a medium-severity vulnerability rated 4.6/10 on the CVSS scale. An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow an unauthenticated attacker to view notifications, aka 'Microsoft YourPhone Application for Android Authentication Bypass Vulnerability'.. EPSS estimates a 1.28% chance of exploitation in the next 30 days.
Description
An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow an unauthenticated attacker to view notifications, aka 'Microsoft YourPhone Application for Android Authentication Bypass Vulnerability'.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Your Phone Companion | All versions |
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0943Patch, Vendor Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0943Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-0943?
How severe is CVE-2020-0943?
How do I fix CVE-2020-0943?
Are you affected by CVE-2020-0943?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST