Windows 10 Mobile Security Improper Authentication Vulnerability

Summary

Windows 10 Mobile Security suffers from improper authentication vulnerability

Credit:

The information has been provided by Yuval Ron

The original article can be found at:  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1314


Details

A security feature bypass vulnerability exists in Windows 10 Mobile when Cortana allows a user to access files and folders through the locked screen. An attacker who successfully exploited this vulnerability could access the photo library of an affected phone and modify or delete photos without authenticating to the system.

Vulnerable Systems:

Windows 10 Mobile Security 

CVE Information:

CVE-2019-1314

Disclosure Timeline:
Published Date:10/10/2019