CVE-2019-18373 : Security Advisory and Response

Norton App Lock, prior to version 1.4.0.503, may have a vulnerability that allows a security bypass, potentially granting unauthorized access to the device.

Understanding CVE-2019-18373

Norton AppLock, developed by Symantec, is affected by a security vulnerability that could be exploited to bypass its intended functionality.

What is CVE-2019-18373?

CVE-2019-18373 is a security bypass vulnerability in Norton AppLock versions prior to 1.4.0.503. Exploiting this vulnerability can allow a user to bypass the app's locking mechanism, providing unauthorized access to the device.

The Impact of CVE-2019-18373

The exploit enables users to disable the app's ability to lock other applications on the device, potentially leading to unauthorized access and compromising sensitive information.

Technical Details of CVE-2019-18373

Norton AppLock vulnerability details and affected systems.

Vulnerability Description

Norton App Lock, versions before 1.4.0.503, may allow a security bypass exploit.

Affected Systems and Versions

Product: Norton AppLock
Vendor: Symantec
Vulnerable Version: Prior to 1.4.0.503

Exploitation Mechanism

The vulnerability could be exploited to bypass the app's intended functionality, granting unauthorized access to the device.

Mitigation and Prevention

Steps to mitigate the CVE-2019-18373 vulnerability.

Immediate Steps to Take

Update Norton AppLock to version 1.4.0.503 or later to patch the security vulnerability.
Avoid granting unnecessary permissions to apps to minimize the risk of exploitation.

Long-Term Security Practices

Regularly update all applications and operating systems to ensure the latest security patches are in place.
Use strong, unique passwords and enable two-factor authentication where possible.

Patching and Updates

Symantec has released a patch for Norton AppLock to address the security bypass vulnerability.