CVE-2020-4099

Summary

The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL Verse for Android< 12.0.15affected

Weaknesses

  • CWE-326: CWE-326 Inadequate Encryption Strength

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References