Security Advisory

CVE-2022-38117

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-24 13:21:03

Last updated 2025-05-07 13:34:07

Assigner twcert

State PUBLISHED

Description

Juiker app hard-coded its AES key in the source code. A physical attacker, after getting the Android root privilege, can use the AES key to decrypt users’ ciphertext and tamper with it.

← Browse all CVEs View on cve.org ↗