[Suggested description]
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices.
It performs actions based on certain SMS commands. This
can be used to set up a voice communication channel from the watch to
any telephone number, initiated by sending a specific SMS and using the
default password, e.g., pw,<password>,call,<mobile_number> triggers an outbound call
from the watch.
The password is sometimes available because of CVE-2019-20471.
------------------------------------------
[VulnerabilityType Other]
Remote audio connection without explicit approval
------------------------------------------
[Vendor of Product]
TK-star
------------------------------------------
[Affected Product Code Base]
TK-Star Q90 Junior GPS horloge - 3.1042.9.8656
------------------------------------------
[Affected Component]
Smartwatch
------------------------------------------
[Attack Type]
Remote
------------------------------------------
[Impact Code execution]
true
------------------------------------------
[Impact Information Disclosure]
true
------------------------------------------
[Attack Vectors]
An attacker needs to send an SMS to the device's mobile number. Knowledge of the mobile number is required before this vulnerability can be exploited.
------------------------------------------
[Has vendor confirmed or acknowledged the vulnerability?]
true
------------------------------------------
[Discoverer]
Dennis van Warmerdam, Jasper Nota, Jim Blankendaal
------------------------------------------
[Reference]
https://www.tk-star.com
Use CVE-2019-20470.