Vulnerabilities > CVE-2021-42111 - Unspecified vulnerability in Rcdevs Openotp Token 1.4.13/1.4.14

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
rcdevs

Summary

An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed on a jailbroken device, it is possible to retrieve the PIN code used to access the application. The IOS app version 1.4.1631262629 resolves this issue by storing a hash PIN code.

Vulnerable Configurations

Part Description Count
Application
Rcdevs
2