Sophos · Sap Authenticator For Android · CVE-2021-25266
**Name of the Vulnerable Software and Affected Versions**
Sophos Authenticator for Android versions 3.4 and older
Intercept X for Mobile (Android) versions prior to 9.7.3495
**Description**
An insecure data storage issue allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones.
**Recommendations**
For Sophos Authenticator for Android versions 3.4 and older, update to a version newer than 3.4 to resolve the issue.
For Intercept X for Mobile (Android) versions prior to 9.7.3495, update to version 9.7.3495 or newer to resolve the issue.