CVE-2025-26700: Authentication bypass using an alternate path or channel issue exists in ”RoboForm Password Manager" App for Android versions prior to 9.7.4, which...

Medium (5.2)

Description

Authentication bypass using an alternate path or channel issue exists in ”RoboForm Password Manager" App for Android versions prior to 9.7.4, which may allow an attacker with access to a device where the application is installed to bypass the lock screen and obtain sensitive information.

Classification

CVE ID: CVE-2025-26700

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.2

CVSS Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Affected Products

Vendor: Siber Systems, Inc.

Product: RoboForm Password Manager

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 0.11988 (how common is this exploit)

EPSS Date: 2025-03-15 (when was this score calculated)

Timeline

2025-02-18 00:30:17 UTC
CVE

Authentication bypass using an alternate path or channel issue exists in ”RoboForm Password Manager" App for Android versions prior to 9.7.4, which...