CVE-2025-68711
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/05/2026
Last modified:
27/05/2026
Description
AppLockZ App Lock and Fingerprint Lock (applock.passwordfingerprint.applockz) 4.2.11 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure navigation through exposed routes facilitates app control evasion {I.N.T.E.R.F.A.C.E] via advertisement or browser intents, an attacker can evade lockscreen verification and access protected apps (e.g., Chrome). This results in information disclosure and privilege escalation.
Impact
Base Score 3.x
2.40
Severity 3.x
LOW



