Work Profile Notification Authentication Bypass in Microsoft YourPhoneCompanion for Android

Work Profile Notification Authentication Bypass in Microsoft YourPhoneCompanion for Android

CVE-2020-0943 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow an unauthenticated attacker to view notifications, aka 'Microsoft YourPhone Application for Android Authentication Bypass Vulnerability'.

Learn more about our Cis Benchmark Audit For Google Android.