PT-2017-15517 · Huawei+1 · Huawei Tech Support App+2

Zack Whittaker

Published

2017-10-27

Updated

2017-12-11

CVE-2017-2730

CVSS v3.1

3.5

Low

Vector

AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions HUAWEI HiLink APP (for IOS) versions prior to 5.0.25.306 HUAWEI Tech Support APP (for IOS) versions prior to 5.0.0

Description The issue allows an attacker to collect information about the iPhone model and firmware version when an iPhone with the affected apps installed connects to a Wi-Fi hotspot built by the attacker.

Recommendations For HUAWEI HiLink APP (for IOS) versions prior to 5.0.25.306, update to version 5.0.25.306 or later. For HUAWEI Tech Support APP (for IOS) versions prior to 5.0.0, update to version 5.0.0 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2017-2730

MGASA-2017-0390

Affected Products

Huawei Hilink App

Huawei Tech Support App

Iphone

PT-2017-15517 · Huawei+1 · Huawei Tech Support App+2

CVE-2017-2730

Weakness Enumeration

Related Identifiers

Affected Products

References · 7