SSL Certificate Validation Flaw in Huawei Hilink App for Android
CVE-2016-4005

5.5MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
13 June 2016

Summary

The Huawei Hilink App for Android prior to version 3.19.2 exhibits a critical vulnerability due to its failure to properly validate SSL certificates. This oversight can allow local users to exploit unspecified vectors, potentially compromising the security and privacy of sensitive information transmitted through the application. Users are strongly advised to update to the latest version to mitigate associated risks.

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.