Ishwar Kumar

Name of the Vulnerable Software and Affected Versions: YONO SBI: Banking & Lifestyle version 1.23.36 Description: The issue is related to the use of unencrypted communications, which could potentially allow attackers to execute a man-in-the-middle attack. Recommendations: For YONO SBI: Banking & Lifestyle version 1.23.36, consider disabling the use of unencrypted communications until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: IITB SSO version 1.1.0 Description: The issue is related to misconfigured settings, allowing attackers to access sensitive application data. Recommendations: For IITB SSO version 1.1.0, reconfigure the settings to prevent unauthorized access to sensitive application data.

Name of the Vulnerable Software and Affected Versions: Ullu versions 2.9.929 (Android) and 2.8.0 (IOS) Description: The issue is related to incorrect access control, allowing attackers to bypass the parental pin feature via unspecified vectors. Recommendations: For Ullu version 2.9.929 (Android) and version 2.8.0 (IOS), consider restricting access to sensitive features until a patch is available. As a temporary workaround, consider disabling the parental pin bypass feature until a fix is released. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Trust Wallet version 8.45 Description: The issue is related to insufficient validation of the screen lock mechanism, allowing physically proximate attackers to bypass the lock screen and view the wallet balance. Recommendations: For Trust Wallet version 8.45, consider using an alternative, additional form of authentication or authorization until a patch is available. As a temporary workaround, users may want to enable additional security features, if available, to minimize the risk of exploitation.