SAP Authenticator for Android - version 1.3.0, allows the screen to be captured, if an authorized attacker installs a malicious app on the mobile device. The attacker could extract the currently views of the OTP and the secret OTP alphanumeric token during the token setup. On successful...
6.5CVSS
6.2AI Score
0.001EPSS
Under certain conditions SAP Authenticator for Android allows an attacker to access information which would otherwise be...
7.5CVSS
7.3AI Score
0.002EPSS
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version...
3.9CVSS
4.3AI Score
0.0004EPSS