Privacy Vulnerability: Unintended Video Streaming in Wire for iOS

Privacy Vulnerability: Unintended Video Streaming in Wire for iOS

CVE-2021-21301 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Wire is an open-source collaboration platform. In Wire for iOS (iPhone and iPad) before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has their camera enabled and then disables it. It's a privacy issue because video is streamed to the call when the user believes it is disabled. It impacts all users in video calls. This is fixed in version 3.75.

Learn more about our Cis Benchmark Audit For Apple Ios.