16 November 2016

161116 Major security hole at Swedish mobile operator Comviq

Major security hole at Swedish mobile operator Comviq may reveal personal data of any subscriber.
The backdoor was discovered today 161116.
Despite logging in with a certain subscriber identity, you can access under certain conditions the personal data of any other subscriber.
Comviq company and its mother company Tele2 have been informed.
The backdoor was documented with screenshots sent to Comviq/Tele2.
For obvious security reasons no details are given here.