A Portuguese security expert has uncovered the Cupid attack, a new Heartbleed attack vector which can impact Android devices, enterprise wireless networks and other connected devices. The attack happens on TLS connections over the Extensible Authentication Protocol (EAP), the popular authentication framework typically used in wireless networks. Both clients and servers can be exploited and memory can be read off processes on both ends of the connection. Mobile devices running Android 4.1.0 and 4.1.1 are affected because they use wpa_supplicant to connect to wireless networks. 802.1x Network Access Controlled wired networks could be impacted.”]
Source: http://securityaffairs.co/wordpress/25433/hacking/cupid-attack-heartbleed-vector.html