Description
Wire is an open-source collaboration platform. In Wire for iOS (iPhone and iPad) before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has their camera enabled and then disables it. It's a privacy issue because video is streamed to the call when the user believes it is disabled. It impacts all users in video calls. This is fixed in version 3.75.
References (3)
Core 3
Core References
Patch, Third Party Advisory x_refsource_confirm
https://github.com/wireapp/wire-ios/security/advisories/GHSA-7fg4-x8vj-qvxf
Patch, Third Party Advisory x_refsource_misc
https://github.com/wireapp/wire-ios/pull/4879
Patch, Third Party Advisory x_refsource_misc
https://github.com/wireapp/wire-ios/commit/7e3c30120066c9b10e50cc0d20012d0849c33a40
Scores
CVSS v3
2.6
EPSS
0.0092
EPSS Percentile
55.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
wire/wire
< 3.75
Published
Feb 11, 2021
Tracked Since
Feb 18, 2026