Account Takeover Vulnerability in SBIbuddy Android Application (Versions 1.41 and 1.42)

Account Takeover Vulnerability in SBIbuddy Android Application (Versions 1.41 and 1.42)

CVE-2018-17108 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application.

Learn more about our Cis Benchmark Audit For Google Android.