An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos intercept x |
||
sophos authenticator |