Unrated severityNVD Advisory· Published Apr 27, 2022· Updated Aug 3, 2024
CVE-2021-25266
CVE-2021-25266
Description
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<9.7.3495+ 1 more
- (no CPE)range: <9.7.3495
- (no CPE)range: unspecified
- Range: <=3.4
- Sophos/Sophos Authenticator (Android)v5Range: unspecified
Patches
Vulnerability mechanics
References
1- www.sophos.com/en-us/security-advisories/sophos-sa-20220427-ixm-storagemitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.