Vulnerability in Microsoft Onedrive

CVE-2020-0654

A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint requirements of the App.The security update addresses the vulnerability by correcting t…

EPSS: 0.035 (87.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

References

Frequently asked questions

What is CVE-2020-0654?
CVE-2020-0654 is a critical-severity vulnerability in Microsoft Onedrive. CVSS score: 9.1/10. Published 2020-01-14.
How severe is CVE-2020-0654?
Critical severity. CVSS v3 base score is 9.1 out of 10.