CVE-2021-25266
First published: Wed Apr 27 2022(Updated: )
An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495.
Credit: security-alert@sophos.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sophos Authenticator | <=3.4 | |
| Sophos Intercept X | <9.7.3495 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-25266?
CVE-2021-25266 is an insecure data storage vulnerability that allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495.
How can a physical attacker exploit CVE-2021-25266?
A physical attacker with root privileges can exploit CVE-2021-25266 by retrieving TOTP secret keys from unlocked phones running affected versions of Sophos Authenticator and Intercept X for Mobile.
Which software versions are affected by CVE-2021-25266?
Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495 are affected by CVE-2021-25266.
What is the severity of CVE-2021-25266?
CVE-2021-25266 has a severity rating of 3.9, which is considered low.
How can I fix CVE-2021-25266?
To fix CVE-2021-25266, users should update to the latest version of Sophos Authenticator and Intercept X for Mobile, which have addressed the insecure data storage vulnerability.
- collector/nvd-index
- vendor/sophos
- canonical/sophos authenticator
- version/sophos authenticator/3.4
- canonical/sophos intercept x