OWASP Top 10 Mobile Risks 2024

Explore the top 10 mobile risks for 2024 including credential usage, insecure communication, and more. Stay updated on critical vulnerabilities.

The OWASP Mobile Top 10 is a list of the top 10 mobile risks for the year 2024. This list aims to highlight the most critical vulnerabilities and security issues that developers and organizations should be aware of when building and securing mobile applications. The 2024 release of the OWASP Mobile Top 10 includes the following risks:

Table of Mobile Risks

ID	Name
M1	Improper Credential Usage
M2	Inadequate Supply Chain Security
M3	Insecure Authentication/Authorization
M4	Insufficient Input/Output Validation
M5	Insecure Communication
M6	Inadequate Privacy Controls
M7	Insufficient Binary Protections
M8	Security Misconfiguration
M9	Insecure Data Storage
M10	Insufficient Cryptography

Comparison between 2016 and 2024

The 2024 release of the OWASP Mobile Top 10 includes updates and changes compared to the 2016 version. It is important for developers and organizations to stay updated on the latest mobile risks to ensure the security of their applications.

Vulnerabilities which didn’t make the place on Final Top 10 list

Although the following vulnerabilities did not make it to the final top 10 list, they are still considered important and may be included in future releases of the OWASP Mobile Top 10: - Data Leakage - Hardcoded Secrets - Insecure Access Control - Path Overwrite and Path Traversal - Unprotected Endpoints (Deeplink, Activity, Service, etc.) - Unsafe Sharing

OWASP Top 10 Mobile Risks 2024

Table of Mobile Risks

Comparison between 2016 and 2024

Vulnerabilities which didn’t make the place on Final Top 10 list

Is your System Free of Underlying Vulnerabilities? Find Out Now

Is your System Free of Underlying Vulnerabilities?
Find Out Now