Password Storage Vulnerability in Siemens SPCanywhere Android Application
CVE-2015-1598

Currently unrated

Key Information:

Vendor: Siemens
Status: Spcanywhere
Vendor: CVE Published:; 7 March 2015

Summary

The Siemens SPCanywhere application for Android inadequately manages the storage of application passwords, providing an opportunity for nearby attackers to gain access to sensitive information by inspecting the device's filesystem. This flaw poses a significant risk, especially in environments where physical device security cannot be guaranteed.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 7, 2015
Vulnerability Reserved
Feb 13, 2015