RSA Authentication Client 2.0.x, 3.0, and 3.5.x contain a potential vulnerability that could allow the unintended extraction, by a properly authenticated user, of secret (or symmetric) key objects stored on an RSA SecurID 800 Authenticator. This potential vulnerability is corrected in RSA Authentication Client 3.5.3.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/94542/ESA-2010-018.txt
Source: https://packetstormsecurity.com/files/94542/RSA-SecurID-800-Authenticator-Secret-Extraction.html