Vulnerability Description
An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It has unnecessary permissions such as READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE, and READ_CONTACTS.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tk-Star | Q90 Junior Gps Horloge Firmware | 3.1042.9.8656 |
| Tk-Star | Q90 Junior Gps Horloge | - |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2024/Jul/14
- https://www.eurofins-cybersecurity.com/news/connected-devices-smart-watches/Third Party Advisory
- https://www.tk-star.comVendor Advisory
- http://seclists.org/fulldisclosure/2024/Jul/14
- https://www.eurofins-cybersecurity.com/news/connected-devices-smart-watches/Third Party Advisory
- https://www.tk-star.comVendor Advisory
FAQ
What is CVE-2019-20468?
CVE-2019-20468 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It has unnecessary permissions such as READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE, and READ_CONTACTS.
How severe is CVE-2019-20468?
CVE-2019-20468 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-20468?
Check the references section above for vendor advisories and patch information. Affected products include: Tk-Star Q90 Junior Gps Horloge Firmware, Tk-Star Q90 Junior Gps Horloge.