|
[Japanese]
|
JVNDB-2020-000026
|
Multiple SHARP Android devices vulnerable to information disclosure
|
|
Multiple SHARP Android devices contain an information disclosure vulnerability (CWE-200).
|
|
CVSS V3 Severity:
Base Metrics 3.3 (Low) [IPA Score]
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: None
CVSS V2 Severity:
Base Metrics 2.6 (Low) [IPA Score]
- Access Vector: Network
- Access Complexity: High
- Authentication: None
- Confidentiality Impact: Partial
- Integrity Impact: None
- Availability Impact: None
|
|
|
Sharp Corporation
- AQUOS compact SH-M06 build number 02.00.02 and earlier
- AQUOS L2 (UQ mobile/J:COM) build number 01.00.05 and earlier
- AQUOS mini SH-M03 build number 01.00.04 and earlier
- AQUOS sense (UQ mobile) build number 03.00.03 and earlier
- AQUOS sense lite SH-M05 build number 03.00.04 and earlier
- AQUOS sense plus SH-M07 build number 02.00.02 and earlier
- AQUOS sense2 (UQ mobile) build number 02.00.06 and earlier
- AQUOS sense2 SH-M08 build number 02.00.05 and earlier
- AQUOS SH-M02 build number 01.00.05 and earlier
- AQUOS SH-RM02 build number 01.00.04 and earlier
- AQUOS Mobile SH-N01 build number 01.00.01 and earlier
|
|
|
Sensitive information of the device may be obtained by the other android application installed in the device.
|
|
[Update the Firmware]
Update the firmware to the latest version according to the information provided by the developer.
|
|
Sharp Corporation
|
|
- Information Exposure(CWE-200) [IPA Evaluation]
|
|
- CVE-2020-5571
|
|
- JVN : JVN#93064451
- National Vulnerability Database (NVD) : CVE-2020-5571
|
|
- [2020/04/24]
Web page was published
|
