CVE-2023-5879

Name of the Vulnerable Software and Affected Versions The Genie Company Aladdin Connect Mobile Application versions 5.65 Build 2075 and below

Description The issue concerns the storage of users' product account authentication data in clear text within the application. This allows an attacker with access to the Android device to potentially retrieve users' clear text authentication credentials.

Recommendations For versions 5.65 Build 2075 and below, consider updating to a newer version that addresses the issue of storing authentication data in clear text, as this would mitigate the risk of credential exposure. As a temporary workaround, restrict access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.