CVE-2019-18373 : Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass exploit. In

Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking other apps on the device, thereby allowing the individual to gain access.

Published 2019-11-18 21:15:12

Updated 2019-11-20 16:59:06

Source Symantec Corporation

View at NVD, CVE.org

Products affected by CVE-2019-18373

Symantec » Norton App Lock
Versions before (<) 1.4.0.503
cpe:2.3:a:symantec:norton_app_lock:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2019-18373

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 19 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-18373

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.4	MEDIUM	AV:L/AC:M/Au:N/C:P/I:P/A:P	3.4	6.4	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
5.6	MEDIUM	CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L	0.1	5.5	NIST
Attack Vector: Physical Attack Complexity: High Privileges Required: High User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: Low

References for CVE-2019-18373

https://support.symantec.com/us/en/article.SYMSA1496.html

Norton App Lock Security Bypass
Vendor Advisory

Jump to

Vulnerability Details : CVE-2019-18373

Products affected by CVE-2019-18373

Exploit prediction scoring system (EPSS) score for CVE-2019-18373

CVSS scores for CVE-2019-18373

References for CVE-2019-18373