App PIN code can be bypassed in Files iOS
Low
Vulnerability Details
Hi Team,
Hope you are doing great.
Note: IoS APP Vs.: 4.9.1
I got a vulnerability in your applications via which an attacker is able to bypass the PIN.
The attacker just need to bruteforce the 4 digit PIN as unlimited tries is accepted by the application, the attacker can simply do a bruteforce and access the application.
PoC:
{F2844276}
## Impact
Authentication Bypass leading to application access
Actions
View on HackerOneReport Stats
- Report ID: 2245437
- State: Closed
- Substate: resolved
- Upvotes: 26