CVE-2020-29392

2020-11-3017:58:24

mitre

www.cve.org

estil hill lock

password manager

ios

backdoor

unauthorized access

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

40.7%

JSON

The Estil Hill Lock Password Manager Safe app 2.3 for iOS has a #06# backdoor password. An attacker with physical access can unlock the password manager without knowing the master password set by the user.

References

i.blackhat.com/asia-20/Friday/asia-20-Loke-Patching-Loopholes-Finding-Backdoors-In-Applications.pdf