Time Weather Widget on Legion Phone Pro and Legion Phone2 Pro: GPS Data Access Vulnerability

Time Weather Widget on Legion Phone Pro and Legion Phone2 Pro: GPS Data Access Vulnerability

CVE-2021-3720 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

An information disclosure vulnerability was reported in the Time Weather system widget on Legion Phone Pro (L79031) and Legion Phone2 Pro (L70081) that could allow other applications to access device GPS data.

Learn more about our Web Application Penetration Testing UK.