CVE-2018-25030

Summary

A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and File Manager up to 2.5. Affected is the Auto Lock. A race condition leads to a local authentication bypass. The exploit has been disclosed to the public and may be used.

Affected Software

VendorProductVersion RangeStatus
MirmaySecure Private Browser2.0affected
MirmaySecure Private Browser2.1affected
MirmaySecure Private Browser2.2affected
MirmaySecure Private Browser2.3affected
MirmaySecure Private Browser2.4affected
MirmaySecure Private Browser2.5affected
MirmayFile Manager2.0affected
MirmayFile Manager2.1affected
MirmayFile Manager2.2affected
MirmayFile Manager2.3affected
MirmayFile Manager2.4affected
MirmayFile Manager2.5affected

Weaknesses

  • CWE-287: CWE-287 Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References