CVE-2021-21301

Summary

Wire is an open-source collaboration platform. In Wire for iOS (iPhone and iPad) before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has their camera enabled and then disables it. It's a privacy issue because video is streamed to the call when the user believes it is disabled. It impacts all users in video calls. This is fixed in version 3.75.

Affected Software

VendorProductVersion RangeStatus
wireappwire-ios< 3.75affected

Weaknesses

  • CWE-200: CWE-200 Information Exposure

ADP Enrichment

CVE Program Container

Additional References

References