1 results (0.001 seconds)

CVSS: 3.9EPSS: 0%CPEs: 2EXPL: 0

An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495. Una vulnerabilidad de almacenamiento de datos no seguro permite a un atacante físico con privilegios de root recuperar claves secretas TOTP de teléfonos desbloqueados en Sophos Authenticator para Android versiones 3.4 y anteriores, e Intercept X for Mobile (Android) versiones anteriores a 9.7.3495 • https://www.sophos.com/en-us/security-advisories/sophos-sa-20220427-ixm-storage • CWE-922: Insecure Storage of Sensitive Information •