CVE-2013-4872

Name of the Vulnerable Software and Affected Versions Google Glass versions prior to XE6

Description The issue allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a crafted QR code symbol. This can be demonstrated by selecting a Wi-Fi access point in order to conduct a man-in-the-middle attack.

Recommendations For Google Glass versions prior to XE6, avoid scanning untrusted QR codes until a patch is available. As a temporary workaround, consider disabling the QR code processing feature to minimize the risk of exploitation.