CVE-2024-39891 – In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before …

2 July 2024

Vuln ID: CVE-2024-39891

Published: 2024-07-02 18:15:03.447

Description: In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data. (Authy accounts were not compromised, however.)

Base Score: 5.3 – MEDIUM

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Source: NVD.NIST.GOV

Date:

2 July 2024

Categorie(s):

NVD

Tag(s):

NVD

How macOS Sequoia can help you at work16 September 2024
RansomHub Ransomware Gang Leaks 487GB of Alleged Kawasaki Europe Data16 September 2024
Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches16 September 2024
Create security observability using generative AI with Security Lake and Amazon Q in QuickSight16 September 2024
Cyberattacks against manufacturing sector increased 105% in H1 of 202416 September 2024