CVE-2019-20473

Name of the Vulnerable Software and Affected Versions TK-Star Q90 Junior GPS horloge version 3.1042.9.8656

Description An issue was discovered where any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device produces a "Remove PIN and restart!" message and cannot be used, making it easier for an attacker to use the SIM card by stealing the device.

Recommendations For version 3.1042.9.8656, consider removing the PIN from the SIM card to allow the device to function, but be aware that this reduces the security of the SIM card. As a temporary workaround, restrict access to the device to minimize the risk of theft and subsequent SIM card exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.