Main Vulnerability Database Vulnerabilities #VU104128

#VU104128 Authentication bypass using an alternate path or channel in RoboForm Password Manager - CVE-2025-26700

Published: February 21, 2025

Vulnerability identifier: #VU104128

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-26700

CWE-ID: CWE-288

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
RoboForm Password Manager

Software vendor:
Siber Systems

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to the authentication bypass using an alternate path or channel. An attacker with physical access can bypass the lock screen and obtain sensitive information.

Remediation

Install updates from vendor's website.

External links

https://jvn.jp/en/vu/JVNVU92071645/
https://www.roboform.com/news-android

#VU104128 Authentication bypass using an alternate path or channel in RoboForm Password Manager - CVE-2025-26700

Description

Remediation

External links

Please verify you're human