The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.