CVE-2023-5879

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Jan 3, 2024
Updated: Jan 10, 2024
CWE ID 922

Summary

CVE-2023-5879 is a vulnerability affecting The Genie Company's Aladdin Connect Mobile Application Version 5.65 Build 2075 and below, running on Android devices. This issue involved the storage of clear-text authentication data for product accounts, making it possible for attackers to access users' credentials directly if they gain access to the affected device. This vulnerability poses a significant risk to users' account security and highlights the importance of implementing secure data storage practices in mobile applications.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share