Weak Obfuscation in Ascensia Contour NEXT ONE Android App Allows Extraction of Sensitive Medical Data

Weak Obfuscation in Ascensia Contour NEXT ONE Android App Allows Extraction of Sensitive Medical Data

CVE-2018-18977 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. An attacker may reverse engineer the codebase to extract sensitive data that contributes to the disclosure of medical information of patients utilizing the Ascensia platform. This occurs because of weak obfuscation.

Learn more about our Cis Benchmark Audit For Google Android.