CVE-2024-31684

low-risk
Published 2024-06-03

Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API.

Do I need to act?

-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.5/10 Low
PHYSICAL / LOW complexity

References (4)

https://play.google.com/store/apps/details?id=com.choiceoflove.dating&hl=en_US
https://zzzxiin.github.io/post/choice-of-love/
https://play.google.com/store/apps/details?id=com.choiceoflove.dating&hl=en_US
https://zzzxiin.github.io/post/choice-of-love/
18
/ 100
low-risk
Severity 13/34 · Low
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal