[DCA-00016 - Nokia E72 Keyboard Password bypass] [Software/Hardware] - Nokia E72 [Vendor Product Description] - Nokia E72 is a high-performance device tailor-made for seamless business and personal communication. [Bug Description] - The Nokia E72 keyboard lock have a delay to validate the password and on this time the screen stays unlocked, allowing the user selects and use any aplication. [History] - Advisory sent to vendor on 08/30/2010. - No reply - Nokia sends correction by software update 09/13/2010 - Personal Version: 051.018.C00_850.01 not vulnerable [Impact] - Medium [Affected Version] - Software Version: 031.023 - Data Version: 31 Mar 2010 - Personal Version: 031.023.C00_850.01 - Model: E72-2 - Type: RM-529 [Vendor Reply] No offical vendor reply [Codes] No codes required ---------------------------------------------------------------------------------------- [Credits] Ewerson Guimaraes (Crash) Pentester/Researcher DcLabs Security Team www.dclabs.com.br -- Ewerson Guimaraes (Crash) Pentester/Researcher DcLabs Security Team www.dclabs.com.br
