Vulnerability in HTC Android Devices Allows Credential Exposure
CVE-2011-4872

Currently unrated

Key Information:

Vendor

Htc

Status
Glacier
Sensation Z710e
Evo 3d
Desire S
Vendor
CVE Published:
5 February 2012

What is CVE-2011-4872?

HTC Android devices, including popular models like the Desire HD and EVO series, are vulnerable to an exploit where attackers can remotely access 802.1X Wi-Fi credentials and SSID. This occurs through a malicious application that leverages the android.permission.ACCESS_WIFI_STATE permission to improperly invoke the toString method on the WifiConfiguration class. This vulnerability poses a significant risk as it can lead to unauthorized access to sensitive network information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/763355
third-party-advisoryx_refsource_CERT-VN
http://archives.neohapsis.com/archives/bugtraq/2012-02/00...
mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/47837
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.