CVE-2018-5298

CVE: CVE-2018-5298
Published: 2018-01-08T08:29Z
Vendor: pg
Products: oral-b_app
Versions: 5.0.0,
Description Language: en
Description: In the Procter & Gamble “Oral-B App” (aka com.pg.oralb.oralbapp) application 5.0.0 for Android, AES encryption with static parameters is used to secure the locally stored shared preferences. An attacker can gain access to locally stored user data more easily by leveraging access to the preferences XML file.
References:
https://1337sec.blogspot.de/2018/01/auditing-oral-b-app-v500.html