A number of severe security vulnerabilities have been patched in Lenovo products, one of which involving a hard-coded password which has been awarded the title of the third ‘worst password’ of all time. Researchers have disclosed four vulnerabilities in Lenovo ShareIT which could result in information leaks, security protocol bypass and man-in-the-middle (MITM) attacks. Although now patched, one, in particular, places Lenovo’s understanding of basic security principles at risk — as a hard-coded password set as “12345678” opens the door to hotspot Wi-Fi abuse.
View full story
ORIGINAL SOURCE: ZDNet