|CVSS SCORE||3.3, (AV:A/AC:L/Au:N/C:P/I:N/A:N)|
The specific flaw exists within the handling of the SBeam peer-to-peer wireless connection. As soon as the connection is initiated with NFC, a vulnerable device will launch an HTTP server on port 15000. This server allows a remote attacker to download any or all images on the vulnerable device without notification or user interaction.
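A defensive check for the listener described above, as an added example that is not part of the original advisory: it parses `/proc/net/tcp` or `/proc/net/tcp6` text captured from a device and reports non-loopback LISTEN sockets on port 15000. The function names, sample rows and UIDs are constructed for illustration, and a little-endian host with a readable `/proc/net/tcp` is assumed.

```python
import ipaddress

SBEAM_HTTP_PORT = 15000  # port named in the advisory (0x3A98 in /proc/net/tcp)
TCP_LISTEN = 0x0A        # kernel state code for LISTEN

def decode_addr(addr_hex):
    """Decode a /proc/net/tcp{,6} address: 32-bit words, little-endian host assumed."""
    raw = b"".join(bytes.fromhex(addr_hex[i:i + 8])[::-1]
                   for i in range(0, len(addr_hex), 8))
    return ipaddress.ip_address(raw)

def find_exposed_listeners(proc_net_text, port=SBEAM_HTTP_PORT):
    """Return (address, uid) for every non-loopback LISTEN socket on `port`."""
    hits = []
    for line in proc_net_text.splitlines():
        fields = line.split()
        if len(fields) < 8 or not fields[0].endswith(":"):
            continue  # header row or truncated line
        addr_hex, port_hex = fields[1].rsplit(":", 1)
        if int(fields[3], 16) != TCP_LISTEN or int(port_hex, 16) != port:
            continue  # wrong state (e.g. ESTABLISHED) or a different port
        addr = decode_addr(addr_hex)
        if addr.is_loopback:
            continue  # not reachable by a peer on the wireless link
        hits.append((str(addr), int(fields[7])))  # fields[7] is the owning UID
    return hits

# Constructed sample in /proc/net/tcp layout (not captured from a real device).
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 4101
   1: 00000000:3A98 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10057        0 9211
   2: 0131A8C0:3A98 0231A8C0:C350 01 00000000:00000000 00:00000000 00000000 10057        0 9215
   3: 0100007F:3A98 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10057        0 9216
"""

if __name__ == "__main__":
    for addr, uid in find_exposed_listeners(SAMPLE_TCP):
        print(f"LISTEN on {addr}:{SBEAM_HTTP_PORT} owned by uid {uid}")
```

The UID in each hit identifies the app that owns the socket, which is the starting point for confirming whether the listener is still present after a FOTA update.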
11/11/2015 - ZDI disclosed this report from Mobile Pwn2Own to the vendor
-- Vendor Response:
Fixes for both issues ZDI-CAN-2613 and ZDI-CAN-2614 require FOTA updates from carriers, such that there is no link to a patch for these fixes. While we believe only a small number of devices haven't received the software (FOTA) update from their respective carriers, there are a number of devices still at risk from those vulnerabilities.
|CREDIT||Rob Miller and Jon Butler, MWR Labs (@mwrlabs)|