Comment on CVE-2018-16550

danielf

Hello,

a researcher tweeted about a potential security issue, that could allow to brute force 4 digit pins. The NVD has assigned a CVE to this issue (CVE-2018-16550) suggesting it has somewhat validated the finding.

Is there any official feedback on your side? Where you able to validate this finding? If so, is it going to be fixed in a future release?

Thanks for your support!

Esther

Hi Daniel,

Thanks for your question.

Yes, we posted this statement earlier: Statement on recent brute-force research

To summarize it quickly: A patch for the issue has been rolled out.

I am going to add the CVE name to the thread to make it easier to find.

Thanks and best, Esther