CVE-2019-20471

7.8 HIGH

📋 TL;DR

The TK-Star Q90 Junior GPS smartwatch uses a hardcoded default administrative password (123456) that cannot be changed during initial setup. This allows attackers to gain administrative access to the device. All users of this specific smartwatch model are affected.

💻 Affected Systems

Products:
  • TK-Star Q90 Junior GPS smartwatch
Versions: Firmware version 3.1042.9.8656
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices ship with this vulnerable configuration. The vulnerability exists at initial setup with no option to change the password.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise allowing location tracking, data theft, and potential use as an attack vector when combined with CVE-2019-20470.

🟠 Likely Case

Unauthorized administrative access to the smartwatch, enabling data extraction and device manipulation.

🟢 If Mitigated

Limited impact if device is isolated from networks and physical access is controlled.

🌐 Internet-Facing: MEDIUM - Device connects to cellular networks and Wi-Fi, but exploitation requires network access to the device.
🏢 Internal Only: LOW - Primarily a personal consumer device, not typically deployed in enterprise environments.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires knowledge of the default password (123456) and network access to the device. Combined exploitation with CVE-2019-20470 increases impact.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.tk-star.com

Restart Required: No

Instructions:

No official patch available. Contact vendor for firmware updates or replacement options.

🔧 Temporary Workarounds

  • Disable network connectivity (all): Prevent remote exploitation by disabling Wi-Fi and cellular data connections. Manual device settings configuration.
  • Physical isolation (all): Keep the device in a Faraday bag or disconnected when not in use.

🧯 If You Can't Patch

  • Discontinue use of the device immediately
  • Replace with a different model from a vendor with better security practices

🔍 How to Verify

Check if Vulnerable:

Check the device firmware version in settings. If the version is 3.1042.9.8656, the device is vulnerable.

Check Version:

Navigate to device Settings > About > Firmware Version

Verify Fix Applied:

No fix available to verify. Consider device replacement.

📡 Detection & Monitoring

Log Indicators:

  • Failed authentication attempts followed by successful login with default credentials
  • Unusual administrative access patterns

Network Indicators:

  • Unexpected administrative connections to device management ports
  • Traffic patterns indicating device compromise

SIEM Query:

Authentication events with username 'admin' and password '123456' OR default credential usage patterns
