Enterprise WiFi Connection Vulnerability in Vivo Devices
CVE-2020-12484
6.4MEDIUM
Key Information:
- Vendor
- Vivo
- Status
- Wifi
- Vendor
- CVE Published:
- 17 December 2024
Summary
CVE-2020-12484 is a significant security vulnerability affecting Vivo devices that utilize special modes to connect to enterprise WiFi networks. Due to improper configuration of certain options during the connection process, attackers can exploit this flaw to create rogue WiFi access points that masquerade as legitimate enterprise networks. This deceptive practice enables them to intercept sensitive data through man-in-the-middle attacks. Users connecting to these malicious networks can unknowingly compromise their privacy and security, making it imperative for Vivo device users to remain vigilant and apply necessary updates.
Affected Version(s)
Wifi Versions earlier than 8.12.0.0
References
CVSS V3.1
Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved