CVE-2020-29392

EUVD-2020-21765
The Estil Hill Lock Password Manager Safe app 2.3 for iOS has a *#06#* backdoor password. An attacker with physical access can unlock the password manager without knowing the master password set by the user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.6 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
Common Weakness Enumeration
References
https://i.blackhat.com/asia-20/Friday/asia-20-Loke-Patching-Loopholes-Finding-Backdoors-In-Applications.pdf
https://i.blackhat.com/asia-20/Friday/asia-20-Loke-Patching-Loopholes-Finding-Backdoors-In-Applications.pdf