Security Advisory | Information disclosure vulnerability in Alarm clock module
Original release date: 2021-07-19
CVE ID
CVE-2021-26281
CVSS 3.1 Base Score
5.5 Medium (AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N)
Description
Some parameters of the alarm clock module are improperly stored, leaking some sensitive information.
Software Versions and Fixes
- Software Affected Version Fixed Version
- Alarm clock Versions earlier than 6.0.1.2 Upgrade to 6.0.1.2 or later
Temporary Fix
NA
Obtaining Fixed Software
The vulnerability can be fixed by updating the vivo alarm clock.
Source
Xiaofeng Liu (Shandong University) / Qinsheng Hou (Shandong University & Qi An Xin Group Corp.)
Update Records
2021-07-19 V1.0 INITIAL
FAQs
NA
vivo Security Procedures
vivo is committed to providing users with best cyber security products and services, and follows the industrial best practice to handle and publish vunerability information.
To report a security vulnerability in vivo products and solutions, please send it to security@vivo.com.
For details, please visit Security Advisory.
To report a security vulnerability in vivo products and solutions, please send it to security@vivo.com.
For details, please visit Security Advisory.