Details of VAR-202106-2307

ID

VAR-202106-2307

TITLE

Information disclosure vulnerability exists in Hisense A5 series mobile phones

Trust: 0.6

sources: CNVD: CNVD-2021-37377

DESCRIPTION

Hisense owns Hisense Video (600060) and Hisense Home Appliances (000921), two listed companies in Shanghai, Shenzhen, and Hong Kong. Its subsidiaries include Hisense, Toshiba, Gorenje, Kelon, and Rongsheng (Ronshen) and ASKO and many other brands. Hisense A5 series mobile phones have information leakage vulnerabilities. Attackers can use the vulnerability to monitor the content of the user's call.

Trust: 0.6

sources: CNVD: CNVD-2021-37377

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-37377

AFFECTED PRODUCTS

vendor:

qingdao hisense marketing management

model:

a5 series mobile phones

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2021-37377

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-37377
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-37377
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-37377

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-37377

Trust: 0.6

sources: CNVD: CNVD-2021-37377

SOURCES

db:

CNVD

id:

CNVD-2021-37377

LAST UPDATE DATE

2022-05-04T09:59:28.890000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-37377

date:

2021-05-27T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-37377

date:

2021-06-25T00:00:00