Home > Vulnerability Database > CVE-2021-21301

Mend.io Vulnerability Database

CVE-2021-21301

Good to know:

Date: February 11, 2021

Wire is an open-source collaboration platform. In Wire for iOS (iPhone and iPad) before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has their camera enabled and then disables it. It's a privacy issue because video is streamed to the call when the user believes it is disabled. It impacts all users in video calls. This is fixed in version 3.75.

Language: Swift

Severity Score

4.0

Related Resources (5)

Url: https://github.com/wireapp/wire-ios/security/advisories/GHSA-7fg4-x8vj-qvxf

Url: https://github.com/wireapp/wire-ios/pull/4879

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-21301

Url: https://github.com/wireapp/wire-ios/commit/7e3c30120066c9b10e50cc0d20012d0849c33a40

Url: https://www.mend.io/vulnerability-database/CVE-2021-21301

Severity Score

4.0

Weakness Type (CWE)

Information Leak / Disclosure

CWE-200

Top Fix

Upgrade Version

Upgrade to version appstore/3.75

Learn More

CVSS v3

Base Score:	4.0
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL

CVSS v2

Base Score:	5.9
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2021-21301

Good to know:

Date: February 11, 2021

Language: Swift

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3

CVSS v2

Do you need more information?