Posts Memono | Insecure Data Storage [IOS] | CVE-2020-11826

Memono | Insecure Data Storage [IOS] | CVE-2020-11826


Version: 3.8

Vulnerability: Insecure Data Storage

CVE: CVE-2020-11826

CVSS 3.x Base Score7.5 HIGH

Description of the application:

Multimedia notes application for iPhone, iPad and Apple Watch.


Users can lock their notes with a password in “Memono” version 3.8. So, users need to know password to read notes. But these notes are stored in database without encryption and attacker can read the password protected notes without having the password. Notes are stored in “ZENTITY” table in “memono.sqlite” database.

This post is licensed under CC BY 4.0 by the author.