Description
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495.
References (1)
Core References
Vendor Advisory x_refsource_confirm
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220427-ixm-storage
Scores
CVSS v3: 3.9
EPSS: 0.0005
EPSS Percentile: 17.1%
Attack Vector: PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Details
CWE: CWE-922
Status: published
Products (2)
sophos/authenticator: < 3.4
sophos/intercept_x: < 9.7.3495
Published: Apr 27, 2022
Tracked Since: Feb 18, 2026