CVE-2025-68711
Possible ATT&CK Techniques 2AI
T1059 · Command and Scripting Interpreter T1528 · Steal Application Access TokenGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-68711
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
AppLockZ App Lock and Fingerprint Lock (applock.passwordfingerprint.applockz) 4.2.11 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure navigation through exposed routes facilitates app control evasion {I.N.T.E.R.F.A.C.E] via advertisement or browser intents, an attacker can evade lockscreen verification and access protected apps (e.g., Chrome). This results in information disclosure and privilege escalation.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
AppLockZ - TrustedApp App Lock and Fingerprint Lock 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AppLockZ - TrustedApp App Lock and Fingerprint Lock是AppLockZ - TrustedApp公司的一款移动应用安全工具。 AppLockZ - TrustedApp App Lock and Fingerprint Lock 4.2.11版本存在安全漏洞,该漏洞源于PIN锁实现为覆盖层而非使用Android安全认证API,通过不安全的导航界面流程,攻击者可绕过锁屏验证并访问受保护应用,导致信息泄露和权限提升。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2025-68711
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-68711
请登录查看更多情报信息。
Exploits & Public PoCs for CVE-2025-68711 (1)
Proof of Concept for CVE-2025-68711 (1)
Vendor Pages for CVE-2025-68711 (1)
Same Patch Batch · n/a · 2026-05-26 · 31 CVEs total
| CVE-2026-9496 | 7.5 HIGH | pacote 安全漏洞 |
| CVE-2026-9580 | 7.3 HIGH | JeecgBoot selectDepart LoginController.selectDepart access control |
| CVE-2026-9495 | 7.3 HIGH | @koa/router 安全漏洞 |
| CVE-2026-9581 | 6.3 MEDIUM | JeecgBoot add access control |
| CVE-2026-9579 | 6.3 MEDIUM | JeecgBoot SysUser userEdit user.getUsername access control |
| CVE-2026-9541 | 5.3 MEDIUM | Squirrel Cnut File sqobject.cpp ReadObject heap-based overflow |
| CVE-2026-9568 | 5.0 MEDIUM | ThingsBoard YAML provision getGatewayDockerComposeFile code injection |
| CVE-2026-9604 | 4.3 MEDIUM | JeecgBoot AiragModelController access control |
| CVE-2026-9567 | 3.3 LOW | GPAC MP4Box isom_intern.c MergeFragment null pointer dereference |
| CVE-2026-9572 | 3.3 LOW | GPAC MP4Box media.c Media_GetSample memory leak |
| CVE-2025-68708 | SailingLab AppLock 安全漏洞 | |
| CVE-2026-36239 | PbootCMS 安全漏洞 | |
| CVE-2025-68710 | Easyelife App Lock 安全漏洞 | |
| CVE-2025-68709 | SailingLab AppLock 安全漏洞 | |
| CVE-2026-48689 | FastNetMon 缓冲区错误漏洞 | |
| CVE-2026-48694 | FastNetMon 安全漏洞 | |
| CVE-2026-48695 | FastNetMon 安全漏洞 | |
| CVE-2026-48696 | FastNetMon 安全漏洞 | |
| CVE-2026-48697 | FastNetMon 安全漏洞 | |
| CVE-2026-48690 | FastNetMon 安全漏洞 |
Showing top 20 of 31 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2025-68711
No comments yet