Vulnerability Details CVE-2022-40297
UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.05
EPSS Ranking 89.2%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2022-40297
-
cpe:2.3:o:ubports:ubuntu_touch:16.04