SSL Certificate Validation Flaw in Huawei Hilink App for Android
CVE-2016-4005
5.5MEDIUM
Summary
The Huawei Hilink App for Android prior to version 3.19.2 exhibits a critical vulnerability due to its failure to properly validate SSL certificates. This oversight can allow local users to exploit unspecified vectors, potentially compromising the security and privacy of sensitive information transmitted through the application. Users are strongly advised to update to the latest version to mitigate associated risks.
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved