When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks.
The vulnerability can be fixed by upgrading the Android 10 version.
ByteDance Security Center Zheng Yuwei.
vivo is committed to providing users with best cyber security products and services, and follows the industrial best practice to handle and publish vunerability information.
To report a security vulnerability in vivo products and solutions, please send it to firstname.lastname@example.org
For details, please visit Security Advisory