Vulnerability: Privacy Leakage through Probe Requests on Qualcomm Snapdragon Mobile and Snapdragon Wear Devices

Vulnerability: Privacy Leakage through Probe Requests on Qualcomm Snapdragon Mobile and Snapdragon Wear Devices

CVE-2017-18072 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016, the probe requests originated from user's phone contains the information elements which specifies the supported wifi features. This shall impact the user's privacy if someone sniffs the probe requests originated by this DUT. Hence, control the presence of which information elements is supported.

Learn more about our Cis Benchmark Audit For Google Android.