Main Vulnerability Database SB2025022121

SB2025022121 - Authentication bypass using an alternate path or channel in RoboForm Password Manager App for Android

Published: February 21, 2025

Security Bulletin ID SB2025022121

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Authentication bypass using an alternate path or channel (CVE-ID: CVE-2025-26700)

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to the authentication bypass using an alternate path or channel. An attacker with physical access can bypass the lock screen and obtain sensitive information.

Remediation

Install update from vendor's website.

References

https://jvn.jp/en/vu/JVNVU92071645/
https://www.roboform.com/news-android