Trust Wallet Screen Lock Bypass Vulnerability in Version 8.45

Vulnerability

A vulnerability in Trust Wallet for Android, specifically in version 8.45, allows physically proximate attackers to bypass the lock screen and access the wallet balance without authentication. This issue arises from insufficient validation of the screen lock mechanism, which fails to consistently enforce the in-app PIN when the app is accessed through the recent apps screen.

Impact

Exploitation of this vulnerability allows unauthorized access to the wallet balance by bypassing the lock screen authentication.

Reproduction

To reproduce this vulnerability, open Trust Wallet and then access the recent apps screen. Without entering the PIN, repeatedly open Trust Wallet from the recent apps. Eventually, the lock screen will be bypassed, allowing access to the wallet balance.
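A fail-closed way to enforce the in-app lock on every return to the foreground, including from the recent apps screen, shown as an added example that is not Trust Wallet's code. The advisory does not state the root cause, and `AppLockGate` and `showPinPrompt` are hypothetical names.

```kotlin
import android.app.Activity
import android.app.Application
import android.os.Bundle
import android.view.WindowManager
import java.util.concurrent.atomic.AtomicBoolean

/**
 * Added example, not Trust Wallet code. AppLockGate and showPinPrompt are hypothetical.
 * The gate starts locked, only a verified PIN unlocks it, and leaving the
 * foreground always re-locks it, so no resume path can skip the check.
 */
class AppLockGate(
    private val showPinPrompt: (Activity) -> Unit
) : Application.ActivityLifecycleCallbacks {

    private val unlocked = AtomicBoolean(false)   // fail closed: locked by default
    private var startedActivities = 0             // touched on the main thread only

    /** Call only after the PIN (or biometric) check has succeeded. */
    fun markUnlocked() = unlocked.set(true)

    /** Screens consult this before rendering balances. */
    fun isUnlocked(): Boolean = unlocked.get()

    override fun onActivityCreated(activity: Activity, savedInstanceState: Bundle?) {
        // Keep balances out of the recent-apps thumbnail and out of screenshots.
        activity.window.addFlags(WindowManager.LayoutParams.FLAG_SECURE)
    }

    override fun onActivityStarted(activity: Activity) {
        startedActivities++
        // Every return to the foreground passes through here, recents included.
        if (!unlocked.get()) showPinPrompt(activity)
    }

    override fun onActivityStopped(activity: Activity) {
        startedActivities--
        // Last visible activity is gone and this is not a rotation:
        // lock immediately, with no grace timer that a quick re-open could beat.
        if (startedActivities == 0 && !activity.isChangingConfigurations) {
            unlocked.set(false)
        }
    }

    override fun onActivityResumed(activity: Activity) {}
    override fun onActivityPaused(activity: Activity) {}
    override fun onActivitySaveInstanceState(activity: Activity, outState: Bundle) {}
    override fun onActivityDestroyed(activity: Activity) {}
}
```

Register one instance with `registerActivityLifecycleCallbacks` in `Application.onCreate`; `showPinPrompt` has to tolerate repeated calls while the prompt is already on screen.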

Added: Jul 1, 2025, 8:17 PM
Updated: Jul 1, 2025, 8:17 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 0.6
exploitability: 4.2
remediation: 0.0
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.