PT-2026-4698 · Unknown · Biometricservice

Publicado

2026-01-25

Atualizado

2026-03-02

CVE-2026-0017

CVSS v3.1

7.7

Alta

Vetor

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions versions prior to the fixed version (affected versions not specified)

Description A logic error in the code within BiometricService.java’s onChange function may allow enabling fingerprint unlock. This could result in local privilege escalation without requiring additional execution privileges. Exploitation does not require user interaction.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authorization

Protection Mechanism Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-285CWE-693

Identificadores relacionados

ASB-A-444673089

CVE-2026-0017

Produtos afetados

Biometricservice

PT-2026-4698 · Unknown · Biometricservice

CVE-2026-0017

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8