@DTCERTTeamwire Pass Code Bypass
A pass code bypass in the mobile application of Teamwire for Android allows an attacker with physical access to the phone to use the app without entering the valid pass code.
Telekom Security
security.telekom.com
Advisory: Teamwire Pass Code Bypass
Release Date: 2020/08/31
Author: Bastian Recktenwald (Bastian.Recktenwald@telekom.de)
CVE: CVE-2020-12621
Application: Teamwire (Android App)
Risk: Medium
Overview:
Teamwire is a secure messenger for companies, authorities and healtcare. The complete description
of the app could be found in the official app store:
https://play.google.com/store/apps/details?id=com.teamwire.messenger
During a penetration test of the mobile application Teamwire for Android, a vulnerability
could be identified. To exploit the vulnerability in a sensible way, an attack must have physical
access to the mobile phone. The vulnerability was fixed with version 5.4.3.
Details:
The App can be additionally protected with a pass code to improve the access security of the app.
The found vulnerability allows an attacker to bypass the pass code protection mechanism. In order to
exploit the vulnerability, an attacker can bypass the pass code by starting the exposed
activity “LoadingActivity“. Afterwards the app could be used without any restrictions.
For example, new messages could be written or existing messages could be read.
Disclosure Timeline:
30. April 2020 - Notified vendor
11. Mai 2020 - Vulnerability was fixed
10. Juni 2020 - Release of version 5.4.3
About Telekom Security:
Telekom Security is the security provider for Deutsche Telekom and Deutsche Telekom customers.
https://security.telekom.com
https://telekomsecurity.github.io
https://www.sicherheitstacho.eu