ArmorX Android APPs multi-factor authentication (MFA) for the login function is not properly implemented. Remote attackers who obtain user credentials can bypass MFA, allowing them to successfully log into the APP.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.