CVE-2020-12488 – Broken Access Control Vulnerability in Jovi Smart Scene

https://notcve.org/view.php?id=CVE-2020-12488

The attacker can access the sensitive information stored within the jovi Smart Scene module by entering carefully constructed commands without requesting permission. El atacante puede acceder a la información confidencial almacenada en el módulo jovi Smart Scene al introducir comandos cuidadosamente construidos sin solicitar permiso • https://www.vivo.com/en/support/security-advisory-detail?id=5 • CWE-284: Improper Access Control CWE-668: Exposure of Resource to Wrong Sphere •