CVE-2022-34909
Description
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A4N (Aremis 4 Nomad) Android app version 1.5.0 is vulnerable to SQL injection, allowing attackers to bypass authentication and access database contents.
Vulnerability
The A4N (Aremis 4 Nomad) Android mobile application version 1.5.0 is vulnerable to SQL injection. The vulnerability exists in multiple fields of the application, allowing an attacker to inject malicious SQL queries [1][2].
Exploitation
An attacker with local access to the device can exploit the SQL injection without authentication or user interaction. By injecting SQL commands into vulnerable input fields, the attacker can bypass authentication mechanisms [1][2].
Impact
Successful exploitation allows the attacker to bypass authentication and retrieve all data stored in the database, including credentials. This leads to high confidentiality and integrity impact, but no availability impact [2].
Mitigation
The vendor released version 1.5.1 (B221115) to address the vulnerability [2]. Users should update to this version or later.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- A4N/Aremis 4 Nomaddescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.