The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/shared_prefs/com.bitpie_preferences.xml (on Android) or a plist file in the app data folder (on iOS).
CPE | Name | Operator | Version |
---|---|---|---|
bitcoin_wallet | le | 3.2.4 | |
bitcoin_wallet | le | 3.2.4 |