CVE-2025-68711
Local Privilege Escalation in AppLockZ Android App
Publication date: 2026-05-26
Last updated on: 2026-05-26
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in AppLockZ App Lock and Fingerprint Lock version 4.2.11 for Android allows a local attacker with physical access to bypass the PIN lock.
This happens because the lock is implemented as an overlay rather than using Android's secure authentication APIs.
An attacker can navigate through cascading interface flows and insecure navigation via advertisement or browser intents to evade lockscreen verification and access protected apps such as Chrome.
This leads to information disclosure and privilege escalation.
How can this vulnerability impact me? :
This vulnerability can allow an attacker with physical access to your device to bypass the app lock PIN.
As a result, the attacker can access protected applications and potentially sensitive information within those apps.
This leads to information disclosure and privilege escalation, compromising the security and privacy of your data.