Vulnerabilities > CVE-2019-20473 - Unspecified vulnerability in Tk-Star Q90 Junior GPS Horloge Firmware 3.1042.9.8656

CVSS 6.8 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

tk-star

NVD

Published: 2021-02-01

Updated: 2024-08-01

Summary

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use the SIM card by stealing the device.

Vulnerable Configurations

Part	Description	Count
OS	Tk-Star TK Star Q90 Junior GPS Horloge Firmware 3.1042.9.8656	1
Hardware	Tk-Star TK Star Q90 Junior GPS Horloge -	1

References

https://www.tk-star.com
https://www.eurofins-cybersecurity.com/news/connected-devices-smart-watches/
http://seclists.org/fulldisclosure/2024/Jul/14