Vulnerability Description
Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 allows physically proximate attackers to bypass the lock-screen protection mechanism, and read or modify contact information or dial arbitrary telephone numbers, by tapping the SOS Option and then tapping the Green Call Option.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Nokia Asha 501 Software | 14.0.4 |
| Microsoft | Nokia Asha 501 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/128320/Nokia-Asha-501-Lock-Bypass.htmlExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96195
- http://packetstormsecurity.com/files/128320/Nokia-Asha-501-Lock-Bypass.htmlExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96195
FAQ
What is CVE-2014-6602?
CVE-2014-6602 is a vulnerability with a CVSS score of 6.6 (MEDIUM). Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 allows physically proximate attackers to bypass the lock-screen protection mechanism, and read or modify contact information or di...
How severe is CVE-2014-6602?
CVE-2014-6602 has been rated MEDIUM with a CVSS base score of 6.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-6602?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Nokia Asha 501 Software, Microsoft Nokia Asha 501.