Users’ product account authentication data was stored in clear text in The Genie Company Aladdin Connect Mobile Application Version 5.65 Build 2075 (and below) on Android Devices. This allows the attacker, with access to the android device, to potentially retrieve users' clear text authentication credentials.
References
Link | Resource |
---|---|
https://www.rapid7.com/blog/post/2024/01/03/genie-aladdin-connect-retrofit-garage-door-opener-multiple-vulnerabilities/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: rapid7
Published: 2024-01-03T19:15:59.436Z
Updated: 2024-01-03T19:16:06.190Z
Reserved: 2023-10-31T13:34:45.000Z
Link: CVE-2023-5879
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-03T20:15:21.737
Modified: 2024-01-10T19:30:37.647
Link: CVE-2023-5879
JSON object: View
Redhat Information
No data.
CWE