CVE-2014-6602 : Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 allows physically proximate attackers to bypass th

Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 allows physically proximate attackers to bypass the lock-screen protection mechanism, and read or modify contact information or dial arbitrary telephone numbers, by tapping the SOS Option and then tapping the Green Call Option.

Published 2014-09-22 01:55:07

Updated 2017-09-08 01:29:15

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2014-6602

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2014-6602

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.6	MEDIUM	AV:L/AC:L/Au:N/C:C/I:C/A:N	3.9	9.2	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: None

CWE ids for CVE-2014-6602

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-6602

https://exchange.xforce.ibmcloud.com/vulnerabilities/96195

Microsoft Mobile Nokia Asha 501 phone security bypass CVE-2014-6602 Vulnerability Report
http://packetstormsecurity.com/files/128320/Nokia-Asha-501-Lock-Bypass.html

Nokia Asha 501 Lock Bypass ≈ Packet Storm
Exploit

Products affected by CVE-2014-6602

Microsoft » Nokia Asha 501 Software » Version: 14.0.4
cpe:2.3:a:microsoft:nokia_asha_501_software:14.0.4:*:*:*:*:*:*:*
Matching versions
Microsoft » Nokia Asha 501 » Version: N/A
cpe:2.3:h:microsoft:nokia_asha_501:-:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2014-6602

Exploit prediction scoring system (EPSS) score for CVE-2014-6602

CVSS scores for CVE-2014-6602

CWE ids for CVE-2014-6602

References for CVE-2014-6602

Products affected by CVE-2014-6602