Thursday01 December 2022

New WiFi Vulnerability Found in Some HTC Phones

Reading time is around minutes.

3d-11As the mobile market begins to become more and more an everyday lifestyle (how often have you seen someone browsing the web on their phone during your morning commute) we are finding that simple things are being left open to potential attack. These are not new items and are often holes or exploits that have been dealt with in the PC (including Mac) world long ago. Still the mobile market where it is today is a lot like the PC market in its infancy; nothing is really secure and both Apps and OSes have a long way to go before they are truly protected.

This leads us to the point of this article. It seems that some HTC phones leave your 802.1X Passwords and SSID information exposed. The flaw is not in all phones, but appears to be in certain builds of these phones (which makes us suspect the actual WiFi radios in combination with the software). What happens is that a WiFi enabled device can exploit an applications Internet connectivity to send commands to the affected phone. This causes a dump of the WiFi information to be sent to a remote server. The information sent can include enterprise level authentication data. We do not have confirmation if this exploit allows offloading of security certificates (many enterprise class networks use a combination of device certificates and password authentication), but this would be a serious concern if it does.

HTC does have a fix that patches the WiFi exploit which is a simple update to the phone. Although they do claim that most phones have already received the update, they also state that some phones will need manual updating. The problem is that they do not list what phones these are and do not have the manual patch ready for download and installation. We do have a very simple solution though, turn off WiFi when not needed or simply do not use the WiFi on your phone.  

The list of confirmed HTC phones is show below as found on Bret Jordan’s blog. Bret also warns that other HTC and non-HTC phones could be affected depending on what version of Android they are using.

Desire HD (both "ace" and "spade" board revisions) - Versions FRG83D, GRI40
Glacier - Version FRG83
Droid Incredible - Version FRF91
Thunderbolt 4G - Version FRG83D
Sensation Z710e - Version GRI40
Sensation 4G - Version GRI40
Desire S - Version GRI40
EVO 3D - Version GRI40
EVO 4G - Version GRI40

We hope that HTC releases the manual patch soon and that other manufacturers begin to check their phones to ensure they are not affects as well.

Source US-CERT and Bret Jordan’s Blog My War With Entropy

Discuss this in our Forum

Last modified on Thursday, 02 February 2012 09:42

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

From The Blog