← back
CVE-2017-2730

CVE-2017-2730

EPSS 0.3%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
22 Nov 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUAWEI Tech Support APP (for IOS) versions earlier before 5.0.0 have an information leak vulnerability. When an iPhone with these APPs installed access the Wi-Fi hotpot built by attacker, the attacker can collect the information of iPhone mode and firmware version.
Affected products
Huawei Technologies Co., Ltd. · HUAWEI HiLink APP (for IOS), HUAWEI Tech Support APP (for IOS)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170310-01-hilinkapp-en