Authenticator for Android
by SAP
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-27895 | 0.00 | — | 0.00 | Mar 14, 2023 | SAP Authenticator for Android - version 1.3.0, allows the screen to be captured, if an authorized attacker installs a malicious app on the mobile device. The attacker could extract the currently views of the OTP and the secret OTP alphanumeric token during the token setup. On… | |||
| CVE-2022-35290 | 0.00 | — | 0.01 | Aug 9, 2022 | Under certain conditions SAP Authenticator for Android allows an attacker to access information which would otherwise be restricted. | |||
| CVE-2021-25266 | 0.00 | — | 0.00 | Apr 27, 2022 | An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495. |
- CVE-2023-27895Mar 14, 2023risk 0.00cvss —epss 0.00
SAP Authenticator for Android - version 1.3.0, allows the screen to be captured, if an authorized attacker installs a malicious app on the mobile device. The attacker could extract the currently views of the OTP and the secret OTP alphanumeric token during the token setup. On…
- CVE-2022-35290Aug 9, 2022risk 0.00cvss —epss 0.01
Under certain conditions SAP Authenticator for Android allows an attacker to access information which would otherwise be restricted.
- CVE-2021-25266Apr 27, 2022risk 0.00cvss —epss 0.00
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495.