This document describes the security content of RetailBox 4.4.1
About RetailBox updates
Software Network regularly release software updates to RetailBox which contain bug fixes, new features and improvements. When there is a security issue identified in RetailBox, we will also include the relevant patches.
To submit a security concern, email us. Software Network security documents reference vulnerabilities using the [sn:issues] identifier whenever possible, which is an internally used standard to track bug reports.
RetailBox 4.4.1 (536)
Released February 8, 2019
Retail Restricted Mode
Entry updated: February 14
Impact: A person with physical access to an iOS device running RetailBox 4.4 or earlier may be able to use an elevated privilege attack ("brute force") to cause the alert view to become invisible to the user and allow touch and gestures.
Description: This issue was addressed through improved password validation.