Vulnerability: Lack of SIM Card PIN Configuration on TK-Star Q90 Junior GPS Horloge

Vulnerability: Lack of SIM Card PIN Configuration on TK-Star Q90 Junior GPS Horloge

CVE-2019-20473 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use the SIM card by stealing the device.

Learn more about our Web Application Penetration Testing UK.