PT-2018-15174 · Videolan · Vlc Media Player
Carolanitz
·
Published
2018-12-31
·
Updated
2025-05-06
·
CVE-2018-19937
CVSS v3.1
6.6
Medium
| Vector | AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
VideoLAN VLC media player app versions prior to 3.1.5 for iOS
Description
A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app by opening a URL and turning the phone.
Recommendations
For versions prior to 3.1.5, update to version 3.1.5 or later to resolve the issue.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vlc Media Player