Improper Permission Control in WiFi Module Affects Vivo Devices
CVE-2021-26278
6.3MEDIUM
Summary
CVE-2021-26278 is a critical vulnerability affecting the WiFi module of certain Vivo devices. This vulnerability arises from improper permission controls, which can leak sensitive information about the device and potentially expose user data to unauthorized access. This issue underscores the need for stringent security measures in software development, particularly concerning wireless communication modules. Users are advised to check for updates and apply necessary patches to mitigate risks associated with this vulnerability.
Affected Version(s)
Wifi Versions earlier than Android 10
References
CVSS V3.1
Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved