CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
27.9%
HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUAWEI Tech Support APP (for IOS) versions earlier before 5.0.0 have an information leak vulnerability. When an iPhone with these APPs installed access the Wi-Fi hotpot built by attacker, the attacker can collect the information of iPhone mode and firmware version.
[
{
"product": "HUAWEI HiLink APP (for IOS), HUAWEI Tech Support APP (for IOS)",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "HUAWEI HiLink APP (for IOS) Versions earlier before 5.0.25.306, HUAWEI Tech Support APP (for IOS) Versions earlier before 5.0.0"
}
]
}
]
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
27.9%