Vulnerability Note VU#763355
802.1X password exploit on many HTC Android devices
Overview
A user's 802.1X WiFi credentials and SSID information may be exposed to any application with basic WiFi permissions on certain HTC builds of Android.
Description
Any Android application on an affected HTC build that holds the android.permission.ACCESS_WIFI_STATE permission can call the toString() method of the WifiConfiguration class and read all 802.1X credentials (including the password) and SSID information for the device's configured networks. If the same application also holds the android.permission.INTERNET permission, it can harvest those credentials and exfiltrate them to a server on the Internet. The following devices have been reported as affected:
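The check below is an added example written for this note; it is not code from the CERT/CC, HTC, or the reporters. It shows what an application holding only android.permission.ACCESS_WIFI_STATE can observe: it fetches the device's saved networks with WifiManager.getConfiguredNetworks() (a real Android API, though not named on this page), keeps the 802.1X ones, and inspects each WifiConfiguration's toString() dump for an unmasked password value. The exact dump format ("password:" followed by the value, with "*" or an empty value meaning masked) is an assumption about the affected builds, as is the EapLeakCheck class name; the code reports SSIDs only and never logs the password itself.

```java
// Added example, not code from the CERT note or HTC.
// Assumption: on affected builds WifiConfiguration.toString() prints the
// wpa_supplicant enterprise fields as "<name>: <value>", with the password
// under the key "password". On builds that do not leak, the value is absent,
// empty, or masked.
import android.content.Context;
import android.net.wifi.WifiConfiguration;
import android.net.wifi.WifiManager;
import android.util.Log;

import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public final class EapLeakCheck {
    private static final String TAG = "EapLeakCheck";

    // Captures whatever follows "password:" in the dump (assumed format).
    private static final Pattern PASSWORD_FIELD =
            Pattern.compile("\\bpassword:\\s*(\\S*)");

    private EapLeakCheck() {}

    /** Returns the SSIDs of saved 802.1X networks whose dump exposes a password. */
    public static List<String> findLeakingNetworks(Context ctx) {
        List<String> leaking = new ArrayList<>();
        WifiManager wm = (WifiManager) ctx.getApplicationContext()
                .getSystemService(Context.WIFI_SERVICE);
        // Requires android.permission.ACCESS_WIFI_STATE in the manifest;
        // returns null when the request fails (for example, Wi-Fi disabled).
        List<WifiConfiguration> configs = wm.getConfiguredNetworks();
        if (configs == null) {
            return leaking;
        }
        for (WifiConfiguration cfg : configs) {
            boolean isEap = cfg.allowedKeyMgmt.get(WifiConfiguration.KeyMgmt.WPA_EAP)
                    || cfg.allowedKeyMgmt.get(WifiConfiguration.KeyMgmt.IEEE8021X);
            if (!isEap) {
                continue; // PSK/open networks are out of scope for this note
            }
            if (dumpExposesPassword(cfg.toString())) {
                leaking.add(cfg.SSID); // record the network, never the secret
            }
        }
        return leaking;
    }

    /** True when the dump carries a non-empty, non-masked password value. */
    static boolean dumpExposesPassword(String dump) {
        Matcher m = PASSWORD_FIELD.matcher(dump);
        if (!m.find()) {
            return false; // field not printed at all
        }
        String value = m.group(1);
        // Assumption: "*" and "null" are the masked/unset representations.
        return !value.isEmpty() && !value.equals("*") && !value.equals("null");
    }

    /** Logs the result; run from any component with a Context, e.g. onCreate(). */
    public static void report(Context ctx) {
        List<String> leaking = findLeakingNetworks(ctx);
        if (leaking.isEmpty()) {
            Log.i(TAG, "No saved 802.1X network exposes its password via toString()");
        } else {
            Log.w(TAG, "802.1X password exposed for SSIDs: " + leaking);
        }
    }
}
```

A non-empty result on a build means any other installed app with the same permission can read the same dump, and with android.permission.INTERNET can send it off-device; the practical response is the vendor update under Solution and, until then, rotating the exposed 802.1X account password.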
Impact
An attacker may be able to view and exfiltrate WiFi SSID information and credentials.
Solution
Apply an Update
Vendor Information
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| HTC | Affected | - | 01 Feb 2012 |
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- http://www.htc.com/www/help/
- http://blog.mywarwithentropy.com/2012/02/8021x-password-exploit-on-many-htc.html
Credit
Thanks to Chris Hessing and Bret Jordan for reporting this vulnerability.
This document was written by Jared Allar.
Other Information
- CVE IDs: CVE-2011-4872
- Date Public: 01 Feb 2012
- Date First Published: 01 Feb 2012
- Date Last Updated: 01 Feb 2012
- Severity Metric: 1.23
- Document Revision: 18
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.