cvedb.io
CVE-2018-5298
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2018-01-08T08:29:00.200 · Last modified 2026-06-17T02:00:00.130

Summary

In the Procter & Gamble "Oral-B App" (aka com.pg.oralb.oralbapp) application 5.0.0 for Android, AES encryption with static parameters is used to secure the locally stored shared preferences. An attacker can gain access to locally stored user data more easily by leveraging access to the preferences XML file.

Affected products

pg — oral-b_app

Does this affect you?

Add your gear to cvedb and we'll alert you only when pg ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.