Debug symbols were detected in binaries during static analysis. Debug symbols highlight breakpoints developers added during coding to pause execution and examine the state of the app. These symbols aid reverse engineers' understanding of how your app works more quickly, as it provides a table of contents to the compiled native code. Both native and 3rd party libraries may include debug symbols and are searched during analysis.
Debug symbols enable bad actors to understand your code more quickly and lower the barrier to locate risks which may be exploited.
Remediation Resources
While debug symbols facilitate quicker bug resolution during pre-production by providing detailed code insights, it's crucial to remove them from production builds to enhance security and reduce app size.
Finding Description
Debug symbols were detected in binaries during static analysis. Debug symbols highlight breakpoints developers added during coding to pause execution and examine the state of the app. These symbols aid reverse engineers' understanding of how your app works more quickly, as it provides a table of contents to the compiled native code. Both native and 3rd party libraries may include debug symbols and are searched during analysis.
Steps to Reproduce
The OWASP Mobile Application Security Testing Guide (MASTG) provides instructions to manually test and confirm an app is debuggable.
Business Impact
Debug symbols enable bad actors to understand your code more quickly and lower the barrier to locate risks which may be exploited.
Remediation Resources
While debug symbols facilitate quicker bug resolution during pre-production by providing detailed code insights, it's crucial to remove them from production builds to enhance security and reduce app size.
Risk and Regulatory Information
Severity: info
Policy Category: Informational
Application
See more detail in the NowSecure Report
Evidence
#### Components Containing Debug Symbols | Name | |---| | Payload/Active911.app/Active911 | | Payload/Active911.app/Frameworks/MarqueeLabel.framework/MarqueeLabel | | Payload/Active911.app/PlugIns/Active911NotificationServiceExtension.appex/Active911NotificationServiceExtension | ... and 4 more