Accessibility Service Bypass Vulnerability in BHIM Application 1.3 for Android

CVE-2017-9820 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The National Payments Corporation of India BHIM application 1.3 for Android uses a custom keypad for which the input element is available to the Accessibility service, which makes it easier for attackers to bypass authentication.

Learn more about our Cis Benchmark Audit For Google Android.