CVE-2019-20469 — MEDIUM (4.6)

Vulnerability Description

An issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly stored on the smartwatch. Audio files are stored in .amr format, in the audior directory. An attacker who has physical access can retrieve all audio files by connecting via a USB cable.

CVSS Score

4.6

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Related Weaknesses (CWE)

CWE-922

References

FAQ

What is CVE-2019-20469?

CVE-2019-20469 is a vulnerability with a CVSS score of 4.6 (MEDIUM). An issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly stored on the smartwatch. Audio files are stored in .amr format, in the audior directory. An attacker wh...

How severe is CVE-2019-20469?

CVE-2019-20469 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-20469?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.