CVE-2017-3742

Name of the Vulnerable Software and Affected Versions Lenovo Connect2 versions prior to 4.2.5.4885 for Windows Lenovo Connect2 versions prior to 4.2.5.3071 for Android

Description The issue allows an attacker with read access to the user's contents to connect to the Connect2 hotspot and access the contents of files being transferred between two systems. This occurs because the password for an ad-hoc connection is stored in a user-readable location.

Recommendations For versions prior to 4.2.5.4885 for Windows, update to version 4.2.5.4885 or later. For versions prior to 4.2.5.3071 for Android, update to version 4.2.5.3071 or later.