CVE-2021-42111: PIN disclosure in RCDevs OpenOTP app for iOS
An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed on a jailbroken device, it is possible to retrieve the PIN code used to access the application. The iOS app version 1.4.1631262629 resolves this issue by storing a hash of the PIN code.
AI Analysis
Technical Summary
CVE-2021-42111 affects the RCDevs OpenOTP iOS application, versions 1.4.13 and 1.4.14. Those builds stored the PIN that gates access to the app in a recoverable form rather than as a hash. On a stock iOS device this is shielded by the app sandbox and Data Protection, which keep other apps and users away from the app's container; on a jailbroken device the sandbox no longer holds, so anyone with root on the device, whether through physical access or malware already running on it, can read the app's container files and recover the PIN without user interaction. The vendor fixed this in version 1.4.1631262629 by storing a hash of the PIN instead. One caveat on that fix: a numeric PIN has a very small key space (a six-digit PIN has only one million values), so a bare, unsalted fast hash recovered from the same file can be brute-forced offline in seconds; hashing materially raises the attacker's cost only if the value is salted, computed with a slow key-derivation function, or keyed to a secret that cannot be dumped alongside it. The CVSS v3.1 score of 5.5 (medium severity) given here corresponds to the vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N: local attack vector, low attack complexity, low privileges, no user interaction, high confidentiality impact and no impact on integrity or availability. No exploitation in the wild is known, and the jailbreak precondition limits widespread exploitation, but the asset at stake is the PIN protecting a multi-factor authentication app used to secure access to enterprise systems.
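The following is an added example, not RCDevs code and not taken from the advisory. It models the pre-fix pattern (a plaintext PIN in a file the app can read, which on a jailbroken device anyone with root can also read), the fix as the advisory describes it (a hash of the PIN), and a hardened variant. The file layout, key names, six-digit PIN length and the "device-bound key" are assumptions; the advisory gives none of these details.

```python
"""Added example, not RCDevs code. Models the pre-fix plaintext PIN, the
hash-only fix, and a hardened salted/keyed/slow variant. File layout, key
names, PIN length and the device-bound key are assumptions."""
import hashlib
import hmac
import itertools
import secrets
import time
from typing import Optional

PIN_LENGTH = 6  # assumption: numeric six-digit PIN

# Constructed stand-in for a preferences plist inside the app container.
# The iOS sandbox keeps other apps out; a root shell on a jailbroken
# device reads it like any other file.
VULNERABLE_PREFS = {"userPin": "482913"}


def recover_plaintext_pin(prefs: dict) -> str:
    """Pre-fix: whoever can read the file has the PIN, no computation needed."""
    return prefs["userPin"]


def bare_sha256(pin: str) -> str:
    """The fix as described: store a hash instead of the PIN."""
    return hashlib.sha256(pin.encode()).hexdigest()


def brute_force_bare_hash(digest: str, length: int = PIN_LENGTH) -> Optional[str]:
    """Offline attack on the bare hash: a numeric PIN of `length` digits has
    only 10**length candidates, so exhausting them takes well under a minute."""
    for digits in itertools.product("0123456789", repeat=length):
        pin = "".join(digits)
        if bare_sha256(pin) == digest:
            return pin
    return None


# Hardened variant: slow KDF, per-install random salt, and a device-bound key
# (assumption: stands in for a secret held in the Keychain / Secure Enclave
# that is not dumped together with the preferences file).
ITERATIONS = 200_000


def derive_verifier(pin: str, salt: bytes, device_key: bytes,
                    iterations: int = ITERATIONS) -> bytes:
    """HMAC the PIN with the device key first, then stretch with PBKDF2."""
    keyed = hmac.new(device_key, pin.encode(), hashlib.sha256).digest()
    return hashlib.pbkdf2_hmac("sha256", keyed, salt, iterations)


def store_pin_hardened(pin: str, device_key: bytes) -> dict:
    """What gets written to disk: salt, cost parameter and verifier only."""
    salt = secrets.token_bytes(16)
    return {"salt": salt, "iterations": ITERATIONS,
            "verifier": derive_verifier(pin, salt, device_key)}


def verify_pin(record: dict, pin: str, device_key: bytes) -> bool:
    candidate = derive_verifier(pin, record["salt"], device_key, record["iterations"])
    return hmac.compare_digest(candidate, record["verifier"])


def offline_cost_seconds(record: dict, device_key: bytes, length: int = PIN_LENGTH) -> float:
    """Estimated time to exhaust the PIN space against the hardened record
    even with the device key in hand: one derivation timed, scaled to
    10**length guesses. Without the device key the search cannot start."""
    start = time.perf_counter()
    derive_verifier("0" * length, record["salt"], device_key, record["iterations"])
    return (time.perf_counter() - start) * 10 ** length


if __name__ == "__main__":
    print("plaintext:", recover_plaintext_pin(VULNERABLE_PREFS))
    digest = bare_sha256(VULNERABLE_PREFS["userPin"])
    t0 = time.perf_counter()
    print("bare hash cracked:", brute_force_bare_hash(digest),
          f"in {time.perf_counter() - t0:.2f}s")
    key = secrets.token_bytes(32)
    rec = store_pin_hardened(VULNERABLE_PREFS["userPin"], key)
    print("hardened verify:", verify_pin(rec, "482913", key), verify_pin(rec, "482914", key))
    print(f"hardened exhaustive search, device key known: ~{offline_cost_seconds(rec, key):.0f}s")
```

The point of the third variant is not the PBKDF2 iteration count, which an attacker with the file and the key still pays only 10^6 times, but that the device-bound key is never in the file: dumping the container yields salt and verifier, and without the key the candidate verifiers cannot even be computed.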
Potential Impact
For European organizations using the RCDevs OpenOTP iOS app, the exposure is to the confidentiality of the app PIN on devices that are jailbroken. With the PIN, whoever controls the device or a copy of its data can open the app and use it to satisfy the second factor, so the protection MFA was meant to provide against a stolen password is weakened for that user. The precondition limits the blast radius: jailbreaking is discouraged and uncommon on managed corporate devices, while environments with weak device management or permissive BYOD policies, where jailbroken devices go unnoticed, carry the higher risk. A compromised second factor can lead to unauthorized access to corporate networks, exposure of sensitive data and lateral movement from the initial foothold. Given the medium CVSS score and the local, jailbreak-dependent attack vector, the overall risk is moderate, but it should not be ignored in sectors with high security requirements such as finance, government and critical infrastructure. The absence of known exploits in the wild reduces the immediate threat; updating the app remains the correct response.
Mitigation Recommendations
European organizations should enforce mobile device management (MDM) compliance policies that block jailbroken devices, corporate or BYOD, from corporate resources, and quarantine any device found to be jailbroken until it is restored. Ensure every user has updated the RCDevs OpenOTP iOS app to version 1.4.1631262629 or later, and confirm this from the MDM app inventory rather than from user reports; when comparing version strings, compare them numerically component by component rather than as strings (a string compare sorts 1.4.9 after 1.4.14). Keep monitoring for jailbreak indicators continuously, through MDM compliance checks and EDR or mobile threat defense agents that report jailbreak signals, and educate users on why jailbreaking undermines the app's protections. Finally, gate access to sensitive systems on device integrity, for example through device attestation or conditional-access checks, and layer additional authentication where the risk warrants it.
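As an added example of the inventory check above (not RCDevs or any MDM vendor's code), the script below triages a device inventory export for jailbroken devices and for OpenOTP builds older than the fixed version, and flags the combination that the advisory describes as exploitable. The record layout and all device data are constructed assumptions; real MDM exports use their own schema, and the app is matched by name because the page does not give a bundle identifier.

```python
"""Added example, not RCDevs or MDM vendor code: triage a constructed MDM
inventory export for CVE-2021-42111. Record layout is an assumption."""
import json
from typing import List, Tuple

FIXED_VERSION = "1.4.1631262629"
APP_NAME = "OpenOTP"  # assumption: matched by display name, bundle id unknown

# Constructed sample export, not real data.
INVENTORY_JSON = """
[
  {"device_id": "ipad-0001", "user": "a.martin", "jailbroken": false,
   "apps": [{"name": "OpenOTP", "version": "1.4.13"}]},
  {"device_id": "iphone-0002", "user": "b.keller", "jailbroken": true,
   "apps": [{"name": "OpenOTP", "version": "1.4.1631262629"}]},
  {"device_id": "iphone-0003", "user": "c.dubois", "jailbroken": false,
   "apps": [{"name": "OpenOTP", "version": "1.4.1631262629"}]},
  {"device_id": "iphone-0004", "user": "d.rossi", "jailbroken": true,
   "apps": [{"name": "OpenOTP", "version": "1.4.14"}]},
  {"device_id": "iphone-0005", "user": "e.visser", "jailbroken": false,
   "apps": [{"name": "Mail", "version": "3.0"}]}
]
"""


def parse_version(v: str) -> Tuple[int, ...]:
    """Numeric tuple so 1.4.9 < 1.4.14 < 1.4.1631262629; a plain string
    comparison would sort 1.4.9 after 1.4.14."""
    return tuple(int(p) for p in v.split("."))


def app_needs_update(version: str) -> bool:
    return parse_version(version) < parse_version(FIXED_VERSION)


def triage(inventory_json: str) -> List[dict]:
    """One finding per device that is jailbroken, runs a vulnerable build,
    or both. Devices without the app are out of scope for this CVE."""
    findings = []
    for dev in json.loads(inventory_json):
        installed = [a for a in dev["apps"] if a["name"] == APP_NAME]
        if not installed:
            continue
        version = installed[0]["version"]
        outdated = app_needs_update(version)
        reasons = []
        if outdated:
            reasons.append(f"OpenOTP {version} older than {FIXED_VERSION}")
        if dev["jailbroken"]:
            reasons.append("jailbroken")
        if reasons:
            findings.append({
                "device_id": dev["device_id"],
                "user": dev["user"],
                # jailbreak + vulnerable build is the state the advisory describes
                "exploitable_now": dev["jailbroken"] and outdated,
                "action": "quarantine" if dev["jailbroken"] else "update",
                "reasons": reasons,
            })
    return findings


if __name__ == "__main__":
    for f in triage(INVENTORY_JSON):
        print(f["device_id"], f["user"], f["action"],
              "EXPLOITABLE" if f["exploitable_now"] else "", "; ".join(f["reasons"]))
```

Jailbroken devices are flagged for quarantine regardless of app version, because a jailbroken device already violates the compliance policy and a later downgrade or reinstall would reopen the exposure; devices that are merely behind on the app get an update action.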
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Belgium, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2021-10-08T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6839d93e182aa0cae2b72fdb
Added to database: 5/30/2025, 4:13:50 PM
Last enriched: 7/8/2025, 3:40:01 PM
Last updated: 8/14/2025, 10:33:51 PM
Related Threats
- CVE-2025-9091: Hard-coded Credentials in Tenda AC20 (Low)
- CVE-2025-9090: Command Injection in Tenda AC20 (Medium)
- CVE-2025-9092: CWE-400 Uncontrolled Resource Consumption in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 (Low)
- CVE-2025-9089: Stack-based Buffer Overflow in Tenda AC20 (High)
- CVE-2025-9088: Stack-based Buffer Overflow in Tenda AC20 (High)