{"vulnerability": "CVE-2019-2047", "sightings": [{"uuid": "144e354b-a7d1-43d3-a115-cc55bee32747", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20472", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113443630505545884", "content": "", "creation_timestamp": "2024-11-07T20:47:08.745332Z"}, {"uuid": "009d358e-7a11-449e-9c85-09e732e8ac42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20472", "type": "seen", "source": "https://t.me/cvedetector/10135", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2019-20472 - One2Track PIN Configuration Denial of Use Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2019-20472 \nPublished : Nov. 7, 2024, 9:15 p.m. | 22\u00a0minutes ago \nDescription : An issue was discovered on One2Track 2019-12-08 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a \"Remove PIN and restart!\" message, and cannot be used. This makes it easier for an attacker to use the SIM card by stealing the device. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T22:47:45.000000Z"}, {"uuid": "07606133-be35-4bef-bb42-5770c68ac740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-20477", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "7c2a7173-a257-40bf-8893-340233890aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20471", "type": "seen", "source": "https://t.me/VulnerabilityNews/20022", "content": "An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions based on certain SMS commands. This can be used to set up a voice communication channel from the watch to any telephone number, initiated by sending a specific SMS and using the default password, e.g., pw,,call, triggers an outbound call from the watch. The password is sometimes available because of CVE-2019-20471.\nPublished at: February 01, 2021 at 10:15PM\nView on website", "creation_timestamp": "2021-02-02T00:46:18.000000Z"}, {"uuid": "08f9779c-0155-4ed2-9993-5b6fb5c76701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20470", "type": "seen", "source": "https://t.me/cibsecurity/22931", "content": "\u203c CVE-2019-20471 \u203c\n\nAn issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the device at initial setup, a default password is used (123456) for administrative purposes. There is no prompt to change this password. Note that this password can be used in combination with CVE-2019-20470.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-02T01:25:16.000000Z"}, {"uuid": "42c014a7-439f-454a-8745-36446b5482e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20473", "type": "seen", "source": "https://t.me/cibsecurity/22930", "content": "\u203c CVE-2019-20473 \u203c\n\nAn issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a \"Remove PIN and restart!\" message, and cannot be used. This makes it easier for an attacker to use the SIM card by stealing the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-02T01:25:15.000000Z"}, {"uuid": "0bf8fa53-dc5c-4c0d-af4b-c12168df33aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20470", "type": "seen", "source": "https://t.me/cibsecurity/22929", "content": "\u203c CVE-2019-20470 \u203c\n\nAn issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions based on certain SMS commands. This can be used to set up a voice communication channel from the watch to any telephone number, initiated by sending a specific SMS and using the default password, e.g., pw,,call, triggers an outbound call from the watch. The password is sometimes available because of CVE-2019-20471.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-02T01:25:12.000000Z"}, {"uuid": "b5a8fb9e-3b9c-4549-857c-86f1f2f43ad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20471", "type": "seen", "source": "https://t.me/cibsecurity/22929", "content": "\u203c CVE-2019-20470 \u203c\n\nAn issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions based on certain SMS commands. This can be used to set up a voice communication channel from the watch to any telephone number, initiated by sending a specific SMS and using the default password, e.g., pw,,call, triggers an outbound call from the watch. The password is sometimes available because of CVE-2019-20471.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-02T01:25:12.000000Z"}, {"uuid": "d931c4cb-5792-4c46-89d3-c8feee44f52d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20471", "type": "seen", "source": "https://t.me/cibsecurity/22931", "content": "\u203c CVE-2019-20471 \u203c\n\nAn issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the device at initial setup, a default password is used (123456) for administrative purposes. There is no prompt to change this password. Note that this password can be used in combination with CVE-2019-20470.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-02T01:25:16.000000Z"}, {"uuid": "84c47cc7-3084-41c8-a15d-9251de12d977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20470", "type": "seen", "source": "https://t.me/VulnerabilityNews/20021", "content": "An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the device at initial setup, a default password is used (123456) for administrative purposes. There is no prompt to change this password. Note that this password can be used in combination with CVE-2019-20470.\nPublished at: February 01, 2021 at 10:15PM\nView on website", "creation_timestamp": "2021-02-02T00:46:17.000000Z"}]}