CVE-2021-36808 PoC — Sophos Secure Workspace For Android 竞争条件问题漏洞

Source

Associated Vulnerability

Description

A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115.

Readme

# CVE-2021-36808
A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115.

Advisory:
https://www.sophos.com/en-us/security-advisories/sophos-sa-20211029-ssw-pw-bypass 

Write Up:
https://ctulhu.me/posts/sophos-secure-workspace-app-password-bypass/

File Snapshot

 [4.0K]  /data/pocs/66bfab2de87f84beee3625dea2b5c5649afa0211
├── [ 418]  exploit.sh
└── [ 325]  README.md

0 directories, 2 files

Remarks