{"api_version":"1","generated_at":"2026-05-06T05:47:17+00:00","cve":"CVE-2018-5242","urls":{"html":"https://cve.report/CVE-2018-5242","api":"https://cve.report/api/cve/CVE-2018-5242.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-5242","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-5242"},"summary":{"title":"CVE-2018-5242","description":"Norton App Lock prior to version 1.3.0.329 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.","state":"PUBLIC","assigner":"secure@symantec.com","published_at":"2018-06-13 16:29:00","updated_at":"2019-10-03 00:03:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/bid/104414","name":"104414","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Symantec Norton App Lock CVE-2018-5242 Local Security Bypass Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://support.symantec.com/en_US/article.SYMSA1453.html","name":"https://support.symantec.com/en_US/article.SYMSA1453.html","refsource":"CONFIRM","tags":["Mitigation","Vendor Advisory"],"title":"Norton App Lock Bypass","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-5242","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-5242","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"5242","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_app_lock","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5242","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_app_lock","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secure@symantec.com","DATE_PUBLIC":"2018-06-13T00:00:00","ID":"CVE-2018-5242","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Norton App Lock","version":{"version_data":[{"version_value":"Prior to version 1.3.0.329"}]}}]},"vendor_name":"Symantec Corporation"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Norton App Lock prior to version 1.3.0.329 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"App Lock Bypass"}]}]},"references":{"reference_data":[{"name":"104414","refsource":"BID","url":"http://www.securityfocus.com/bid/104414"},{"name":"https://support.symantec.com/en_US/article.SYMSA1453.html","refsource":"CONFIRM","url":"https://support.symantec.com/en_US/article.SYMSA1453.html"}]}},"nvd":{"publishedDate":"2018-06-13 16:29:00","lastModifiedDate":"2019-10-03 00:03:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":6.2,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.3,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:symantec:norton_app_lock:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.0.329","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"5242","Ordinal":"121199","Title":"CVE-2018-5242","CVE":"CVE-2018-5242","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"5242","Ordinal":"1","NoteData":"Norton App Lock prior to version 1.3.0.329 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"5242","Ordinal":"2","NoteData":"2018-06-13","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"5242","Ordinal":"3","NoteData":"2018-06-14","Type":"Other","Title":"Modified"}]}}}