Google Glass before XE6 does not properly restrict the processing of QR codes, which allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a crafted symbol, as demonstrated by selecting a Wi-Fi access point in order to conduct a man-in-the-middle attack.
Max CVSS
6.9
EPSS Score
0.05%
Published
2013-07-18
Updated
2017-08-29
1 vulnerabilities found