Msrc Onedrive For Android vulnerabilities
5 known vulnerabilities affecting msrc/onedrive_for_android.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2025-60722MEDIUMCVSS 6.52025-11-11
CVE-2025-60722 [MEDIUM] CWE-22 Microsoft OneDrive for Android Elevation of Privilege Vulnerability
Microsoft OneDrive for Android Elevation of Privilege Vulnerability
Description: Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network.
FAQ: What privileges could an attacker gain with successful exploitation?
An attacker who successfully exploited this vulnerability could gain unau
msrc
CVE-2023-24882MEDIUMCVSS 5.52023-03-14
CVE-2023-24882 [MEDIUM] Microsoft OneDrive for Android Information Disclosure Vulnerability
Microsoft OneDrive for Android Information Disclosure Vulnerability
FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is information disclosure?
The attack itself is carried out locally. For example, when the score indicates that the Attack Vector is Local (AV:L) and User Interaction is Required (UI:R), this could describe an exploit in which
msrc
CVE-2023-24923MEDIUMCVSS 5.52023-03-14
CVE-2023-24923 [MEDIUM] Microsoft OneDrive for Android Information Disclosure Vulnerability
Microsoft OneDrive for Android Information Disclosure Vulnerability
FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is information disclosure?
The attack itself is carried out locally. For example, when the score indicates that the Attack Vector is Local (AV:L) and User Interaction is Required (UI:R), this could describe an exploit in which
msrc
CVE-2022-23255MEDIUMCVSS 5.92022-02-08
CVE-2022-23255 [MEDIUM] Microsoft OneDrive for Android Security Feature Bypass Vulnerability
Microsoft OneDrive for Android Security Feature Bypass Vulnerability
FAQ: According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
The attacker needs access to an unlocked mobile device to exploit the vulnerability.
FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability?
The authentication to access OneDrive
msrc
CVE-2020-0654HIGHCVSS 9.12020-01-14
CVE-2020-0654 [CRITICAL] Microsoft OneDrive for Android Security Feature Bypass Vulnerability
Microsoft OneDrive for Android Security Feature Bypass Vulnerability
Description: A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.
This could allow an attacker to bypass the passcode or fingerprint requirements of the App.
The security update addresses the vulnerability by correcting the way Microsoft OneDrive App for Android handles sharing links.
FAQ: How do I ge
msrc