Capacitor Native Biometric
Monthly
Authentication bypass in cap-go/capacitor-native-biometric allows an attacker with physical device access to circumvent biometric authentication by hooking the onAuthenticationSucceeded() callback via dynamic instrumentation. The root cause is that AuthActivity.java's implementation of BiometricPrompt.AuthenticationCallback never retrieves or validates the CryptoObject from the AuthenticationResult, making the entire cryptographic binding between biometric gesture and protected key material moot. All npm package versions below the patched release are affected. A proof-of-concept video is publicly available per the GHSA advisory, though no confirmed active exploitation (CISA KEV) has been identified at time of analysis.
Authentication bypass in cap-go/capacitor-native-biometric allows an attacker with physical device access to circumvent biometric authentication by hooking the onAuthenticationSucceeded() callback via dynamic instrumentation. The root cause is that AuthActivity.java's implementation of BiometricPrompt.AuthenticationCallback never retrieves or validates the CryptoObject from the AuthenticationResult, making the entire cryptographic binding between biometric gesture and protected key material moot. All npm package versions below the patched release are affected. A proof-of-concept video is publicly available per the GHSA advisory, though no confirmed active exploitation (CISA KEV) has been identified at time of analysis.