Hard Coded Credentials Vulnerability in Enphase Installer Toolkit 3.27.0

CVE-2023-32274 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code in the Android application. An attacker can exploit this and gain access to sensitive information.

Learn more about our Cis Benchmark Audit For Google Android.