Security & Compliance
DEVO-2022-0001
Summary
A vulnerability was fixed in Devolutions Hub for iOS where the FaceID application lock could be bypassed.
Affected Products
Devolutions Hub for iOS 2021.3.3 and older
Change Log
Initial Publication - 2022-02-17
Severity
Medium
Product
Devolutions Hub for iOS
Fix Version
2021.3.4
Bypassable biometric application lock (CVE-2022-23849)
Description
The biometric application lock can be bypassed by failing the authentication process in rapid succession.
Remediation and Workarounds
Users are advised to update to 2021.3.4.
Severity
Medium - CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
Devolutions Hub on iOS versions 2021.3.3 and older
CVE(s)
CVE-2022-23849
Credits
Thanks to Sven Halm for reporting this issue.