Blog | G5 Cyber Security

Adult VR App Leaked Personal Details for a Week Before a Patch Was Deployed

Details about two vulnerabilities in adult-themed virtual reality application were available to the general public for five days before the vendor intervened and patched the security holes. The vulnerabilities would have allowed an attacker to download names, email addresses and device (PC) names for everyone with an account on the site or for people who purchased content using PayPal accounts. Researchers didn’t publish proof-of-concept code, they did share redacted screenshots that an astute attacker could understand how to exploit to his advantage. A SinVR spokesperson has provided the following statement regarding the incident.

Source: https://www.bleepingcomputer.com/news/security/adult-vr-app-leaked-personal-details-for-a-week-before-a-patch-was-deployed/

Exit mobile version