279 – Root detection control bypass
Description
It is possible to reverse engineer the application and disable detection of rooted devices.
Impact
Avoid the applications detection of rooted devices.
Recommendation
Implement an integrity check on the application so that it cannot be used if it has been modified.
Threat
Attacker with access to APK.
Expected Remediation Time
Score 4.0
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
- Attack vector: N
- Attack complexity: H
- Attack Requirements: N
- Privileges required: N
- User interaction: N
- Confidentiality (VC): N
- Integrity (VI): L
- Availability (VA): N
- Confidentiality (SC): N
- Integrity (SI): N
- Availability (SA): N
Threat 4.0
- Exploit maturity: X