Pyxtrlock
CVE-2013-4427
LOW
Severity by source
AV:L/AC:L/Au:N/C:P/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:L/AC:L/Au:N/C:P/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2) xcb_grab_keyboard XCB library functions, which allows physically proximate attackers to gain access to the keyboard or mouse without unlocking the screen via unspecified vectors.
AnalysisAI
pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2) xcb_grab_keyboard XCB library functions, which allows physically proximate attackers to gain access. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-20. pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2) xcb_grab_keyboard XCB library functions, which allows physically proximate attackers to gain access to the keyboard or mouse without unlocking the screen via unspecified vectors. Affected products include: Leon Weber Pyxtrlock. Version information: before 0.2.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
pyxtrlock 0.3 and earlier is affected by: Incorrect Access Control. Rated high severity (CVSS 7.8), this vulnerability i
pyxtrlock before 0.1 uses an incorrect variable name, which allows physically proximate attackers to bypass the lock scr
Same weakness CWE-20 – Improper Input Validation
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today