First published: Mon Sep 23 2024(Updated: )
The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information.
Credit: 9119a7d8-5eab-497f-8521-727c672e3725
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Planetfitness Planet Fitness Workouts | <9.8.12 | |
Any of | ||
Apple iPhone OS | ||
Google Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.