PT-2025-7220 · Unknown · Roboform Password Manager
Johan Francsics
·
Published
2025-02-17
·
Updated
2025-02-17
·
CVE-2025-26700
CVSS v3.1
5.2
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
RoboForm Password Manager versions prior to 9.7.4
Description:
An authentication bypass issue exists, which may allow an attacker with access to a device where the application is installed to bypass the lock screen and obtain sensitive information. This issue affects the RoboForm Password Manager App for Android.
Recommendations:
For versions prior to 9.7.4, update to version 9.7.4 or later to resolve the issue. As a temporary workaround, consider disabling the lock screen feature in the RoboForm Password Manager App until a patch is applied. Restrict access to sensitive information stored in the app to minimize the risk of exploitation.
Fix
Authentication Bypass Using an Alternate Path or Channel
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Roboform Password Manager