SMARTPHONE

Lenovo Fixes Privacy Flaw in Bundled SHAREit App for Android, Windows

sristy
By sristy 3 Min Read

Lenovo Fixes Privacy Flaw in Bundled SHAREit App for Android, WindowsIt seems there is no end to security issues related to devices and software from Lenovo. The latest in the series has been reported to be affecting Lenovo’s SHAREit app that comes bundled with devices running Android as well as Windows.

The free app from Lenovo allows people to share files and folder cross-platform sharing for phones, desktops, and tablets. The vulnerability was first discovered by Ivan Huertas from Core Security Consulting Team. The Chinese company has now released an updated version of its SHAREit app for Windows as well as Android which fixes the reported issue. The updated SHAREit app can be downloaded from here. Android users can head to Google Play to download the update.

The SHAREit app on both Android and Windows was prone to multiple vulnerabilities which could allow an attacker to leak information or bypass security, according to Core Security. The biggest issue of the free app from Lenovo was its hard-coded password of “12345678” which could be easily bypassed by any attacker.

Core Security team explains that when Lenovo SHAREit for Windows app is configured to receive files, a Wi-Fi hotspot is set with a hard-coded password (“12345678”). Considering that the password could not be changed, any system with a Wi-Fi network card could connect to the Hotspot by using the password.

“When the Wi-Fi network is on and connected with the default password (12345678), the files can be browsed but not downloaded by performing an HTTP Request to the WebServer launched by Lenovo SHAREit,” adds the team.

The transfer of files was done via HTTP and is without encryption which makes it easy for an attacker to sniff the network traffic to view the data transferred or modify the content of the transferred files, the report.

With the update, Lenovo has added a new “Secure Mode” to its SHAREit app that can be enabled by users when they want to connect to another user securely. The feature will require the user to enter a password which then tells SHAREit to encrypt the transmission between users and devices.

[“source-gadgets”]

TAGGED: , , ,
Previous Article Depth-sensing cameras will open up a whole new frontier for smartphones
Next Article Lyft Settles, but Drivers Will Remain Contractors

Latest News

From Patient to Professional: How To Use Your Recovery Journey To Help Others
NEWS
Quotes About Personality to Achieve in Life
NEWS
Here’s Why You Should Consider an Early Halloween-themed Pop-up Store
Here’s Why You Should Consider an Early Halloween-themed Pop-up Store
NEWS
Hot Chocolate Recipe: A Delightful Treat from My Cafe
Chocolate
Hot Chocolate PNG: Savoring the Sweetness of Digital Art
Chocolate
Hot Chocolate Martini: A Delicious Twist on Classic Cocktails
Chocolate
Hot Chocolate Jokes: Stirring Up Laughter, One Mug at a Time
Chocolate
The Ultimate Guide to Hot Chocolate Frosting
Chocolate
Lost your password?