Privilege Escalation Vulnerability in Click Studios Passwordstate 9435

Privilege Escalation Vulnerability in Click Studios Passwordstate 9435

CVE-2022-25570 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

In Click Studios (SA) Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain access to additional password lists without permissions. Specifically, an authenticated user who has write permissions to a password list in one folder (with the default permission model) can extend his permissions to all other password lists in the same folder.

Learn more about our Cis Benchmark Audit For Apple Ios.