CVE-2020-5526

Summary

The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Affected Software

VendorProductVersion RangeStatus
Fuji Xerox Co.,Ltd.AWMS Mobile Appfor Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8affected

Weaknesses

  • Fails to verify SSL certificates

ADP Enrichment

CVE Program Container

Additional References

References