Iij · Iij Smartkey · CVE-2022-41986
**Name of the Vulnerable Software and Affected Versions**
IIJ SmartKey versions prior to 2.1.4
**Description**
The issue allows an attacker to obtain a one-time password issued by the product under certain conditions. This is related to an information disclosure vulnerability in the Android App.
**Recommendations**
For versions prior to 2.1.4, update to version 2.1.4 or later to resolve the issue.