2 matches found
CVE-2019-5625 Eaton Halo Home Android App Insecure Storage
The Android mobile application Halo Home before 1.11.0 stores OAuth authentication and refresh access tokens in a clear text file. This file persists until the user logs out of the application and reboots the device. This vulnerability can allow an attacker to impersonate the legitimate user by...
CVE-2019-5625
CVE-2019-5625 affects the Android Halo Home app prior to 1.11.0, where OAuth authentication and refresh tokens are stored in a clear text file. The file persists until logout or device reboot, enabling an attacker with physical access or a compromised app to impersonate the user by reusing the to...