In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HInsteon For Hub
APPInsteon≤ 1.9.7
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2017-16258CRITICAL9.9ten sam vendor
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel ...
CVE-2017-16259CRITICAL9.9ten sam vendor
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel ...
CVE-2017-16256CRITICAL9.9ten sam vendor
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel ...
CVE-2017-16257CRITICAL9.9ten sam vendor
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel ...
CVE-2017-16260CRITICAL9.9ten sam vendor
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel ...