Information Disclosure Vulnerability in SHARP AQUOS Devices
CVE-2020-5571

7.5HIGH

Key Information:

Vendor: Sharp Corporation
Status: Sharp Aquos Series
Vendor: CVE Published:; 23 April 2020

🔔 Create Sharp Corporation Vulnerability Alert

What is CVE-2020-5571?

Certain SHARP AQUOS devices are vulnerable to an information disclosure flaw that allows malicious applications installed on the device to gain access to sensitive information. This vulnerability affects multiple models across the AQUOS series, making it essential for users to be aware of the risks posed by untrusted applications. Users are advised to ensure the installation of the latest software updates to mitigate potential threats.

Affected Version(s)

SHARP AQUOS series AQUOS SH-M02 build number 01.00.05 and earlier, AQUOS SH-RM02 build number 01.00.04 and earlier, AQUOS mini SH-M03 build number 01.00.04 and earlier, AQUOS Keitai SH-N01 build number 01.00.01 and earlier, AQUOS L2 (UQ mobile/J:COM) build number 01.00.05 and earlier, AQUOS sense lite SH-M05 build number 03.00.04 and earlier, AQUOS sense (UQ mobile) build number 03.00.03 and earlier, AQUOS compact SH-M06 build number 02.00.02 and earlier, AQUOS sense plus SH-M07 build number 02.00.02 and earlier, AQUOS sense2 SH-M08 build number 02.00.05 and earlier, and AQUOS sense2 (UQ mobile) build number 02.00.06 and earlier

References

https://k-tai.sharp.co.jp/support/info/info036.html

x_refsource_MISC

https://jvn.jp/en/jp/JVN93064451/index.html

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 23, 2020
Vulnerability Reserved
Jan 6, 2020