CVE-2020-0654

CVE Database · CVE-2020-0654

CVE-2020-0654

· CRITICALModified

CVSS v3.1

9.1

EPSS

3.48%

Published

Jan 14, 2020

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint requirements of the App.The security update addresses the vulnerability by correcting the way Microsoft OneDrive App for Android handles sharing links., aka 'Microsoft OneDrive for Android Security Feature Bypass Vulnerability'.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products (1)

microsoft · onedrivevulnerable

References (2)

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0654

PatchVendor Advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0654

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs