Click to Skip Ad
Closing in...

Wi-Fi security hole discovered in multiple HTC devices

Updated Dec 19th, 2018 7:45PM EST
BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

HTC has acknowledged that some the company’s handsets contain a security hole involving the handling of certain data requests while connected to a Wi-Fi network. Security researchers Chris Hessing and Bret Jordan discovered the vulnerability, which could use the android.permission.ACCESS_WIFI_STATE permission to create a command to view all Wi-Fi credentials while connected to the network. The researchers discovered the flaw in September, however over the past few months they have worked with HTC and Google to patch things up before going public. The hole could have been used to transmit information to a remote server using the Internet access permission. Read on for more.

“HTC has developed a fix for a small WiFi issue affecting some HTC phones,” HTC posted on its support site. “Most phones have received this fix already through regular updates and upgrades. However, some phones will need to have the fix manually loaded. Please check back next week for more information about this fix and a manual download if you need to update your phone.”

Four Froyo devices are vulnerable to the exploit — the Glacier (myTouch 4G), DROID Incredible, Thunderbolt 4G and Desire HD — and four Gingerbread devices are vulnerable — the Desire HD, Desire S, Sensation and EVO 3D.

[Via TheNextWeb]

Read

Dan joins the BGR team as the Android Editor, covering all things relating to Google’s premiere operating system. His work has appeared on Fox News, Fox Business and Yahoo News, among other publications. When he isn’t testing the latest devices or apps, he can be found enjoying the sights and sounds of New York City.