CVE-2016-5051

Name of the Vulnerable Software and Affected Versions OSRAM SYLVANIA Osram Lightify Home versions prior to 2016-07-26

Description The issue concerns the storage of a Pre-Shared Key (PSK) in cleartext. Specifically, it is stored under the /private/var/mobile/Containers/Data/Application path. This could potentially allow unauthorized access to the key.

Recommendations For versions prior to 2016-07-26, consider updating to a version released after 2016-07-26 to ensure the PSK is stored securely. As a temporary workaround, restrict access to the /private/var/mobile/Containers/Data/Application path to minimize the risk of exploitation.