Vulnerability in Microsoft Onedrive
CVE-2020-0654
A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint requirements of the App.The security update addresses the vulnerability by correcting t…
EPSS: 0.035 (87.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N.
Affected products
- Microsoft Onedrive
- Microsoft One Drive For Android — versions unspecified
References
- secure@microsoft.com (Patch, x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-0654?
- CVE-2020-0654 is a critical-severity vulnerability in Microsoft Onedrive. CVSS score: 9.1/10. Published 2020-01-14.
- How severe is CVE-2020-0654?
- Critical severity. CVSS v3 base score is 9.1 out of 10.