CVE-2024-47517

Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access

CVSS 6.8 MEDIUM | EPSS 0.4% | CWE-1230

In short

When a device loses connection to the ETM system, its expired administrator login tokens can be exposed to other devices. These old, unusable tokens are revealed even though they're no longer valid, which could expose sensitive credentials.

Technical detail

Units that time out from ETM access may leak expired administrator authentication tokens through the access mechanism. This exposure occurs via information disclosure when devices are temporarily disconnected or in a timeout state. While tokens are expired and unusable, their revelation could enable credential harvesting or reconnaissance attacks in environments where token formats or patterns are predictable.

Summary generated and translated by AI from the official description.
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
