Critical severity9.8NVD Advisory· Published Aug 24, 2018· Updated Jun 17, 2026
CVE-2017-9821
CVE-2017-9821
Description
The National Payments Corporation of India BHIM application 1.3 for Android relies on three hardcoded strings (AK-NPCIMB, IM-NPCIBM, and VK-NPCIBM) for SMS validation, which makes it easier for attackers to bypass authentication.
Affected products
1- Range: = 1.3 for Android
Patches
Vulnerability mechanics
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/148923nvdThird Party Advisory
- github.com/magicj3lly/appexploits/blob/master/BHIM-App-PreliminaryReport.pdfnvdBroken Link
News mentions
0No linked articles in our index yet.