CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-9820

The National Payments Corporation of India BHIM application 1.3 for Android uses a custom keypad for which the input element is available to the Accessibility service, which makes it easier for attackers to bypass authentication.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/148925
https://github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdf

Products affected by CVE-2017-9820

Npci » Bharat Interface For Money (Bhim) » Version: 1.3

cpe:2.3:a:npci:bharat_interface_for_money_(bhim):1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9820

Products

Pricing

Contact Us