From the provided screenshot of the webpage, the key information about the vulnerability that affected FreeWifi_Secure can be summarized as follows: Summary of Vulnerability Key Points: Vulnerability Overview: - FreeWifi_Secure was a feature that enabled automatic and secure Wi-Fi connectivity using EAP-SIM for Free Mobile subscribers. - The service leaked the full IMSI (International Mobile Subscriber Identity) during the EAP-SIM authentication process. - The vulnerability resulted from the failure to use a temporary or pseudonym (TMSI) rather than the real IMSI. Technical Details: - The leak occurred in the "EAP-Request/Identity" message, where the phone's actual IMSI was exposed in clear text. - The EAP-SIM used by FreeWifi_Secure did not provide privacy protection by default. - The vulnerability was systemic and impacted all devices using the FreeWifi_Secure service. Impact: - Privacy and confidentiality were affected. - An attacker within Wi-Fi range could passively capture IMSIs for remote tracking, correlation, and exploitation via telecom protocols like SS7. Mitigation: - Free chose to disable FreeWifi_Secure as a quick mitigation. - Users were advised to remove FreeWifi_Secure profiles from their devices. Conclusion: - The vulnerability highlighted the ongoing privacy risks in Wi-Fi and cellular deployments. - It served as a reminder for vendors and operators to address privacy and security in authentication and identification mechanisms.