Trusted Digital, Trusted Mobility Suite Authorization Bypass Vulnerability


Trusted Digital, Trusted MObility Suite Authorization Bypass Vulnerability Affected applications Trusted Mobility Agent PC Policy Versions: All Backgroud: Trusted Mobility Suite detects, controls and centrally manages mobile devices. It also pushes security policy and disables lost or stolen devices. It offers robust protection of PDA devices with simple management tools to ensure that security is maintained. Workstations have a client installed that disallows syncing if users are not authorized to sync, along with several other features. When a user attempts to sync for the first time, the PC Policy windows opens. The user is required to enter their Domain username and password. Description: When the PC Policy Window opens, the user can click on the cancel button, open activesync or other syncing software, and sync handheld device. The PC Policy window will periodially come back up, user can continue to cancel and resync handheld device with no problem. Solution: The vendor has been contacted well over two months ago. Was told a beta was in testing but nothing has been released yet.