Search
Find a vulnerability
Search criteria
2 vulnerabilities found for RoboForm Password Manager by Siber Systems, Inc.
CVE-2025-26700 (GCVE-0-2025-26700)
Vulnerability from nvd – Published: 2025-02-17 02:59 – Updated: 2025-02-18 15:56
VLAI
Summary
Authentication bypass using an alternate path or channel issue exists in ”RoboForm Password Manager" App for Android versions prior to 9.7.4, which may allow an attacker with access to a device where the application is installed to bypass the lock screen and obtain sensitive information.
Severity
5.2 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Siber Systems, Inc. | RoboForm Password Manager |
Affected:
prior to 9.7.4
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26700",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T15:56:00.718171Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T15:56:18.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RoboForm Password Manager",
"vendor": "Siber Systems, Inc.",
"versions": [
{
"status": "affected",
"version": "prior to 9.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass using an alternate path or channel issue exists in \u201dRoboForm Password Manager\" App for Android versions prior to 9.7.4, which may allow an attacker with access to a device where the application is installed to bypass the lock screen and obtain sensitive information."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-17T02:59:57.779Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.roboform.com/news-android"
},
{
"url": "https://jvn.jp/en/vu/JVNVU92071645/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-26700",
"datePublished": "2025-02-17T02:59:57.779Z",
"dateReserved": "2025-02-14T05:05:05.660Z",
"dateUpdated": "2025-02-18T15:56:18.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-26700 (GCVE-0-2025-26700)
Vulnerability from cvelistv5 – Published: 2025-02-17 02:59 – Updated: 2025-02-18 15:56
VLAI
Summary
Authentication bypass using an alternate path or channel issue exists in ”RoboForm Password Manager" App for Android versions prior to 9.7.4, which may allow an attacker with access to a device where the application is installed to bypass the lock screen and obtain sensitive information.
Severity
5.2 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Siber Systems, Inc. | RoboForm Password Manager |
Affected:
prior to 9.7.4
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26700",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T15:56:00.718171Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T15:56:18.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RoboForm Password Manager",
"vendor": "Siber Systems, Inc.",
"versions": [
{
"status": "affected",
"version": "prior to 9.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass using an alternate path or channel issue exists in \u201dRoboForm Password Manager\" App for Android versions prior to 9.7.4, which may allow an attacker with access to a device where the application is installed to bypass the lock screen and obtain sensitive information."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-17T02:59:57.779Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.roboform.com/news-android"
},
{
"url": "https://jvn.jp/en/vu/JVNVU92071645/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-26700",
"datePublished": "2025-02-17T02:59:57.779Z",
"dateReserved": "2025-02-14T05:05:05.660Z",
"dateUpdated": "2025-02-18T15:56:18.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}