Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-5571

SHARP AQUOS series (AQUOS SH-M02 build number 01.00.05 and earlier, AQUOS SH-RM02 build number 01.00.04 and earlier, AQUOS mini SH-M03 build number 01.00.04 and earlier, AQUOS Keitai SH-N01 build number 01.00.01 and earlier, AQUOS L2 (UQ mobile/J:COM) build number 01.00.05 and earlier, AQUOS sense lite SH-M05 build number 03.00.04 and earlier, AQUOS sense (UQ mobile) build number 03.00.03 and earlier, AQUOS compact SH-M06 build number 02.00.02 and earlier, AQUOS sense plus SH-M07 build number 02.00.02 and earlier, AQUOS sense2 SH-M08 build number 02.00.05 and earlier, and AQUOS sense2 (UQ mobile) build number 02.00.06 and earlier) allow an attacker to obtain the sensitive information of the device via malicious applications installed on the device.

Published

2020-04-23T08:15:12.067

Last Modified

2024-11-21T05:34:17.607

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-200

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	sharp	aquos_sh-m02_firmware	≤ 01.00.05	Yes
Hardware	sharp	aquos_sh-m02	-	No
Operating System	sharp	aquos_sh-rm02_firmware	≤ 01.00.04	Yes
Hardware	sharp	aquos_sh-rm02	-	No
Operating System	sharp	aquos_mini_sh-m03_firmware	≤ 01.00.04	Yes
Hardware	sharp	aquos_mini_sh-m03	-	No
Operating System	sharp	aquos_mini_sh-m03_firmware	≤ 01.00.01	Yes
Hardware	sharp	aquos_mini_sh-m03	-	No
Operating System	sharp	aquos_l2_firmware	≤ 01.00.05	Yes
Hardware	sharp	aquos_l2	-	No
Operating System	sharp	aquos_sense_lite_sh-m05_firmware	≤ 03.00.04	Yes
Hardware	sharp	aquos_sense_lite_sh-m05	-	No
Operating System	sharp	aquos_sense_firmware	≤ 03.00.03	Yes
Hardware	sharp	aquos_sense	-	No
Operating System	sharp	aquos_compact_sh-m06_firmware	≤ 02.00.02	Yes
Hardware	sharp	aquos_compact_sh-m06	-	No
Operating System	sharp	aquos_sense_plus_sh-m07_firmware	≤ 0.2.00.02	Yes
Hardware	sharp	aquos_sense_plus_sh-m07	-	No
Operating System	sharp	aquos_sense2_sh-m08_firmware	≤ 02.00.05	Yes
Hardware	sharp	aquos_sense2_sh-m08	-	No
Operating System	sharp	aquos_sense2_firmware	≤ 02.00.06	Yes
Hardware	sharp	aquos_sense2	-	No

References

https://jvn.jp/en/jp/JVN93064451/index.html Third Party Advisory ([email protected])
https://k-tai.sharp.co.jp/support/info/info036.html Third Party Advisory ([email protected])
https://jvn.jp/en/jp/JVN93064451/index.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://k-tai.sharp.co.jp/support/info/info036.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)