PT-2017-15517 · Huawei+1 · Huawei Tech Support App+2

Zack Whittaker

Publicado

2017-10-27

Atualizado

2017-12-11

CVE-2017-2730

CVSS v3.1

3.5

Baixa

Vetor

AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions HUAWEI HiLink APP (for IOS) versions prior to 5.0.25.306 HUAWEI Tech Support APP (for IOS) versions prior to 5.0.0

Description The issue allows an attacker to collect information about the iPhone model and firmware version when an iPhone with the affected apps installed connects to a Wi-Fi hotspot built by the attacker.

Recommendations For HUAWEI HiLink APP (for IOS) versions prior to 5.0.25.306, update to version 5.0.25.306 or later. For HUAWEI Tech Support APP (for IOS) versions prior to 5.0.0, update to version 5.0.0 or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2017-2730

MGASA-2017-0390

Produtos afetados

Huawei Hilink App

Huawei Tech Support App

Iphone

PT-2017-15517 · Huawei+1 · Huawei Tech Support App+2

CVE-2017-2730

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7