Critical severity9.8NVD Advisory· Published Aug 24, 2018· Updated Jun 17, 2026
CVE-2017-9820
CVE-2017-9820
Description
The National Payments Corporation of India BHIM application 1.3 for Android uses a custom keypad for which the input element is available to the Accessibility service, which makes it easier for attackers to bypass authentication.
Affected products
2= 1.3+ 1 more
- (no CPE)range: = 1.3
- (no CPE)range: = 1.3
Patches
Vulnerability mechanics
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/148925nvdThird Party Advisory
- github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdfnvdBroken Link
News mentions
0No linked articles in our index yet.