Authentication bypass using an alternate path or channel in Nextcloud Android Talk

#VU61279 Authentication bypass using an alternate path or channel in Nextcloud Android Talk

Published: 2022-03-14

Vulnerability identifier: #VU61279

Vulnerability risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-41181

CWE-ID: CWE-288

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Nextcloud Android Talk
Client/Desktop applications / Messaging software

Vendor:

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected application does not properly detect the lockscreen state when a call is incoming. An attacker with physical access to the locked phone can gain access to the chat messages and files of the user.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://github.com/nextcloud/security-advisories/security/advisories/GHSA-497c-c8hx-6qcf
http://github.com/nextcloud/talk-android/pull/1585

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Information disclosure in Nextcloud Android Talk