Описание
An information disclosure vulnerability was reported in the Time Weather system widget on Legion Phone Pro (L79031) and Legion Phone2 Pro (L70081) that could allow other applications to access device GPS data.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 12.5.231 (исключая)
Одновременно
cpe:2.3:o:lenovo:legion_phone_pro_\(l79031\)firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:legion_phone_pro_\(l79031\):-:*:*:*:*:*:*:*
Конфигурация 2Версия до 12.5.632 (исключая)
Одновременно
cpe:2.3:o:lenovo:legion_phone2_pro_\(l70081\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:legion_phone2_pro_\(l70081\):-:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00044
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-276
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
An information disclosure vulnerability was reported in the Time Weather system widget on Legion Phone Pro (L79031) and Legion Phone2 Pro (L70081) that could allow other applications to access device GPS data.
EPSS
Процентиль: 13%
0.00044
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-276
NVD-CWE-noinfo