Gruppo ECP Advpress Automationtoday AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit Gruppo ECP Advpress Automationtoday AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Android vulnerability: credit cards at risk

The discovery of a serious vulnerability in the Android operating system puts the security of credit cards at risk

A serious security flaw has been discovered on Android that allows access to credit card data via NFC devices such as Flipper Zero. The vulnerability has been identified as CVE-2023-35671 and affects devices running Android 5.0 and later. The fix is only available for recent versions of Android. Older or unsupported devices will not receive a security patch.
Gruppo ECP

WE GUIDE YOUR COMPANY TO SUCCESS
Clear goals, concrete results
CONTACT US NOW

Gruppo ECP

WE GUIDE YOUR COMPANY TO SUCCESS
Clear goals,
concrete results
CONTACT US NOW

This pill is also available in Italian language

A new vulnerability has been discovered in the Android operating system, putting credit card information on Android devices at risk. The vulnerability, identified as CVE-2023-35671, affects all devices running Android 5.0 and later.

The problem related to the "Screen Pinning" function

The vulnerability is related to the "Screen Pinning" feature on Android. Even if security options such as "Require PIN code before unlocking" and "Require device unlock for NFC" are enabled, bank card data can be stolen when the feature is enabled for any application.

The threat to bank cards linked to Google Wallet

A person equipped with an appropriate NFC reader can receive all the details of a credit or debit card connected to Google Wallet, if the device is temporarily handed over or screen pinning is enabled on Android. Even if the vulnerability does not allow payments to be made, access to card data poses a risk to the user's privacy.

The fix and limitations

Google deemed the vulnerability serious and released a security patch included in the September 2023 update. However, only newer versions of Android, starting with Android 11, will receive the fix. Devices running older versions of Android or without official manufacturer support should avoid using the "Screen Pinning" feature to protect credit card information.

Follow us on Twitter for more pills like this

09/17/2023 02:08

Marco Verro

Last pills

Cloudflare repels the most powerful DDoS attack ever recordedAdvanced defense and global collaboration to tackle new challenges of DDoS attacks

Silent threats: the zero-click flaw that compromises RDP serversHidden risks in remote work: how to protect RDP servers from invisible attacks

Discovery of vulnerability in Secure Boot threatens device securityFlaw in the Secure Boot system requires urgent updates to prevent invisible intrusions

North korean cyberattacks and laptop farming: threats to smart workingAdapting to new digital threats of remote work to protect vital data and infrastructures

Don’t miss the most important news
Enable notifications to stay always updated