CVE-2017-20200

low

Published 2025-09-23 · Modified 2026-04-29

CVSS v3

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v2

2.6

VIR risk

3.7

Description

A vulnerability has been found in Coinomi up to 1.7.6. This issue affects some unknown processing. Such manipulation leads to cleartext transmission of sensitive information. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor replied with: "(...) there isn't any security implication associated with your findings."

Predictions

Exploit likelihood

47%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

https://vuldb.com/?ctiid.325143
https://vuldb.com/?id.325143
https://vuldb.com/?submit.653875
https://web.archive.org/web/20171013065745/https://github.com/Coinomi/coinomi-android/issues/213
https://web.archive.org/web/20171013065745/https://github.com/Coinomi/coinomi-android/issues/213#issuecomment-332371549
https://www.reddit.com/r/Bitcoin/comments/72yvnj/so_coinomis_official_response_on_the/
https://www.reddit.com/r/CryptoCurrency/comments/72osq7/security_warning_coinomi_wallet_transmits_all/dnkhpob/

CWEs

CWE-310 CWE-319

Verify integrity in audit chain (admin only). AS-IS.