CVE-2017-3742

Published: Jul 17, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. An attacker with read access to the user's contents could connect to the Connect2 hotspot and see the contents of files while they are being transferred between the two systems.

Vendor	Product	Versions
Lenovo Group Ltd.	Lenovo Connect2	affected `Earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android.`

References

https://support.lenovo.com/us/en/product_security/LEN-14398

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-3742

Description

Affected Products

References