Skip to content
Appaloosa Scout
Frozen view of version 6.8.46 — CVE statuses are recomputed against this version. View current version
iOS Microsoft Corporation

Microsoft Authenticator

com.microsoft.azureauthenticator View on App Store ↗ History Current version : 6.8.46 ★ 4.7
Known vulnerabilities
1
Still open
0
KEV open
0
Max CVSS score
5.5

Known vulnerabilities (CVE)

1 fixed
Test a different version
Evaluates the risk for a given version (default: current store version).
CVE Status
CVE-2026-26123
MEDIUM 5.5 Fixed in: 6.8.40
Fixed
100

Security Score

Excellent · 100/100

Composite: 50% open CVEs + 40% open KEVs + 10% vendor velocity.

See breakdown
  • Open CVEs 0/-50 0 CVEs
  • Open KEVs 0/-40 0 KEVs
  • Vendor 0/-10 100% fresh
100

Privacy Score

Respectful · 100/100

Composite: 40% critical shared + 30% high shared + 20% high collected + 10% sensitive density.

See breakdown
  • Critical shared 0/-40 0 critical shared
  • High shared 0/-30 0 high + 0 medium shared
  • High collected 0/-20 1 high + 3 medium collected
  • Sensitive density 0/-10 17% sensitive

Context

Context

Description

Use Microsoft Authenticator for easy, secure sign-ins for all your online accounts using multi-factor authentication, passwordless, or password autofill. You also have additional account management options for your Microsoft personal, work or school accounts. Getting started with multi-factor authentication Multi factor authentication (MFA)provides a second layer of security. When enabled, during login after entering your password, you’ll be asked for an additional way to prove it’s really you. Either approve the notification sent to the Microsoft Authenticator, or enter the one-time password (OTP) generated by the app. The OTP codes have a 30 second timer counting down. This timer is so you never have to use the same time-based one-time password (TOTP) twice and you don’t have to remember the number. The OTP doesn’t require you to be connected to a network, and it won’t drain your battery. You can add multiple accounts to your app, including non-Microsoft accounts like Facebook, Amazon, Dropbox, Google, LinkedIn, GitHub, and more. Getting started with passwordless Use your phone, not your password, to log into your Microsoft account. Just enter your username, then approve the…

Data collected and shared

Source: App Store · App Privacy · 6 data item(s) declared

1 High 3 Medium 2 Low
Location Usage Data User Content Contact Info Diagnostics Identifiers

Indicative classification based on data sensitivity. "Shared" = transmitted to third parties (publisher-declared).

Other apps by this publisher

Apps published by Microsoft Corporation

Microsoft Loop
com.microsoft.loop
1 open
Microsoft OneDrive
com.microsoft.skydrive
1 open
Windows Camera
msstore:9WZDNCRFJBBG
No known vulnerability
Dynamics 365 for Phones
com.microsoft.crm.crmphone
No known vulnerability
Dynamics 365 Sales
com.microsoft.crm.crmphone.sales
No known vulnerability
HEIF Image Extension
msstore:9PMMSR1CGPWG
No known vulnerability