CVE-2019-20469

MEDIUM Year: 2019
CVSS v3 Score
4.6
Medium
Weakness Type
CWE-922
View all →

Vulnerability Description

An issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly stored on the smartwatch. Audio files are stored in .amr format, in the audior directory. An attacker who has physical access can retrieve all audio files by connecting via a USB cable.

Related Vulnerabilities

CVE-2022-2815

MEDIUM
CVSS:4.6(Medium)

Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10.

CWE-9222022

CVE-2023-49515

MEDIUM
CVSS:4.6(Medium)

Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connecti...

CWE-9222023

CVE-2024-40813

MEDIUM
CVSS:4.6(Medium)

A lock screen issue was addressed with improved state management. This issue is fixed in watchOS 10.6, iOS 17.6 and iPadOS 17.6. An attacker with physical access may be able to use Siri to access sens...

CWE-9222024

CVE-2024-10041

MEDIUM
CVSS:4.7(Medium)

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this ...

CWE-9222024

CVE-2019-9253

MEDIUM
CVSS:4.4(Medium)

In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox due to a missing strongbox flag. This could lead to local information disclosure with System execution pr...

CWE-9222019

CVE-2020-9202

MEDIUM
CVSS:4.4(Medium)

There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100. Due to the improper storage of some information in certain specific scenario, the attacke...

CWE-9222020