Microsoft Authenticator allows an unauthorized attacker to disclose information locally.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

User interaction is required because the user must have a malicious application installed on their device and then accidentally select that application as the handler for the sign-in deep link. This can occur when the user scans a QR code or taps a sign-in link and chooses the malicious app instead of Microsoft Authenticator, causing the sign-in flow to be handled by the attacker-controlled app.

What type of information could be disclosed by this vulnerability?

This vulnerability could result in disclosure of a one-time sign-in code or authentication deep link if the user selects a malicious application as the handler. The malicious app would receive the sign-in information and could potentially use it to authenticate as the user, allowing access to information or services available to that account.
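The failure mode above is a deep link that the OS resolves through the app chooser, where an installed app other than the intended one can be picked. The following added example (not Microsoft's code; it audits a constructed, hypothetical AndroidManifest.xml with made-up activity names and hosts) flags BROWSABLE VIEW intent filters that are not verified App Links and so can surface a chooser; a manifest check alone cannot confirm that assetlinks.json verification actually succeeded on the device.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # Android attribute namespace

# Constructed sample manifest (hypothetical app): SignInActivity handles a
# custom-scheme sign-in link with no verification, so the OS may show a
# chooser; LinkActivity uses an https App Link with android:autoVerify.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.authapp">
  <application>
    <activity android:name=".SignInActivity" android:exported="true">
      <intent-filter>
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.DEFAULT"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="exampleauth" android:host="signin"/>
      </intent-filter>
    </activity>
    <activity android:name=".LinkActivity" android:exported="true">
      <intent-filter android:autoVerify="true">
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.DEFAULT"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="https" android:host="login.example.com" android:path="/signin"/>
      </intent-filter>
    </activity>
  </application>
</manifest>"""


def find_unverified_deep_links(manifest_xml):
    """Return (activity, scheme, host) for every browsable VIEW filter that is
    not an autoVerify http(s) App Link, i.e. one resolved via the app chooser."""
    root = ET.fromstring(manifest_xml)
    findings = []
    for activity in root.iter("activity"):
        name = activity.get(A + "name")
        for flt in activity.findall("intent-filter"):
            actions = {a.get(A + "name") for a in flt.findall("action")}
            cats = {c.get(A + "name") for c in flt.findall("category")}
            if ("android.intent.action.VIEW" not in actions
                    or "android.intent.category.BROWSABLE" not in cats):
                continue
            verified = flt.get(A + "autoVerify") == "true"
            for data in flt.findall("data"):
                scheme, host = data.get(A + "scheme"), data.get(A + "host")
                # Only http(s) filters can be verified App Links; custom schemes
                # are always resolved through the chooser among installed handlers.
                if not (verified and scheme in ("http", "https")):
                    findings.append((name, scheme, host))
    return findings
```

Run it over a real manifest and any finding that carries a sign-in code or token in the link is a candidate for migration to verified App Links (or iOS Universal Links), or for a flow that does not place the secret in the link at all.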
Khaled Mohamed (https://linkedin.com/in/khaledsec)