Improper Permission Control in WiFi Module Affects Vivo Devices
CVE-2021-26278

6.3MEDIUM

Key Information:

Vendor: Vivo
Status: Wifi
Vendor: CVE Published:; 17 December 2024

What is CVE-2021-26278?

CVE-2021-26278 is a critical vulnerability affecting the WiFi module of certain Vivo devices. This vulnerability arises from improper permission controls, which can leak sensitive information about the device and potentially expose user data to unauthorized access. This issue underscores the need for stringent security measures in software development, particularly concerning wireless communication modules. Users are advised to check for updates and apply necessary patches to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Wifi Versions earlier than Android 10

References

https://www.vivo.com/en/support/security-advisory-detail?...

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 17, 2024
Vulnerability Reserved
Jan 27, 2021

JSON

Vivo