CVE-2020-5629

Summary

UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via a malicious App created by the third party. As a result, if the access destination is a malicious website, the user may fall victim to the social engineering attack.

Affected Software

VendorProductVersion RangeStatus
UNIQLO CO., LTD.UNIQLO App for Androidversions 7.3.3 and earlieraffected

Weaknesses

  • Fails to restrict access

ADP Enrichment

CVE Program Container

Additional References

References