Microsoft Nokia Asha 501 Lock Screen Security Bypass Vulnerabilities

Summary

Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 allows physically proximate attackers to bypass the lock-screen protection mechanism, and read or modify contact information or dial arbitrary telephone numbers, by tapping the SOS Option and then tapping the Green Call Option.

Credit:

Details

Vulnerable Systems:
 * Microsoft Mobile Nokia Asha 501 phone 14.0.4

Microsoft Nokia Asha 501 is prone to a security-bypass vulnerability. An attacker with physical access to a locked device can leverage this issue to bypass the lock screen and gain unauthorized access to the device.

CVE Information:
CVE-2014-6602

Disclosure Timeline:
Original release date: 09/21/2014
Last revised: 09/22/2014

Categories: Windows