CVE-2017-14487

9.1 CRITICAL

📋 TL;DR

This vulnerability allows attackers to impersonate legitimate users by intercepting network traffic and modifying authentication data stored locally on mobile devices. It affects users of the OhMiBod Remote app on both Android and iOS platforms. Attackers can gain unauthorized access to user accounts and potentially control connected devices.

💻 Affected Systems

Products:
  • OhMiBod Remote app
Versions: All versions prior to patch (specific version unknown)
Operating Systems: Android, iOS
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability requires app installation and network traffic interception capability.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete account takeover allowing attackers to control connected OhMiBod devices, access personal user data, and potentially compromise other linked accounts or services.

🟠 Likely Case

Unauthorized access to user accounts enabling control of connected devices and potential exposure of personal information stored in the app.

🟢 If Mitigated

Limited impact if network traffic is encrypted and local storage is properly secured, though some risk remains from physical device access.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires network sniffing capability and physical/remote access to modify local storage files.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown specific version

Vendor Advisory: https://dl.acm.org/citation.cfm?id=3139942&preflayout=flat

Restart Required: Yes

Instructions:

  • Update OhMiBod Remote app to latest version from official app stores
  • Uninstall and reinstall app if update not available

🔧 Temporary Workarounds

  • Disable app network permissions (Android): Prevent app from accessing network to block traffic interception
  • Use VPN on untrusted networks (all platforms): Encrypt all network traffic to prevent sniffing

🧯 If You Can't Patch

  • Uninstall the OhMiBod Remote app completely
  • Avoid using the app on untrusted networks or public WiFi

🔍 How to Verify

Check if Vulnerable:

Check if OhMiBod Remote app is installed and review app version against latest available in app store

Check Version:

Check app version in device settings > Apps > OhMiBod Remote

Verify Fix Applied:

Verify app has been updated to latest version and test authentication functionality

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authentication attempts from same device
  • Unusual device control patterns

Network Indicators:

  • Unencrypted authentication traffic to OhMiBod API servers
  • Suspicious network sniffing tools on same network

SIEM Query:

source="mobile_device" app="OhMiBod Remote" (event="authentication_failure" OR event="unusual_activity")
