CVE-2020-5571

Name: CVE-2020-5571
Creator: NVD / NIST
Published: 2020-04-23T08:15:12.067+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.5/10EPSS 1.20%

Last modified Jun 17, 2026

CVE-2020-5571 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. SHARP AQUOS series (AQUOS SH-M02 build number 01.00.05 and earlier, AQUOS SH-RM02 build number 01.00.04 and earlier, AQUOS mini SH-M03 build number 01.00.04 and earlier, AQUOS Keitai SH-N01 build number 01.00.01 and earlier, AQUOS L2 (UQ mobile/J:COM) build number 01.00.05 and earlier, AQUOS sense lite SH-M05 build number 03.00.04 and earlier, AQUOS sense (UQ mobile) build number 03.00.03 and earlier, AQUOS compact SH-M06 build number 02.00.02 and earlier, AQUOS sense plus SH-M07 build number 02.00.02 and earlier, AQUOS sense2 SH-M08 build number 02.00.05 and earlier, and AQUOS sense2 (UQ mobile) build number 02.00.06 and earlier) allow an attacker to obtain the sensitive information of the device via malicious applications installed on the device.. EPSS estimates a 1.20% chance of exploitation in the next 30 days.

Description

SHARP AQUOS series (AQUOS SH-M02 build number 01.00.05 and earlier, AQUOS SH-RM02 build number 01.00.04 and earlier, AQUOS mini SH-M03 build number 01.00.04 and earlier, AQUOS Keitai SH-N01 build number 01.00.01 and earlier, AQUOS L2 (UQ mobile/J:COM) build number 01.00.05 and earlier, AQUOS sense lite SH-M05 build number 03.00.04 and earlier, AQUOS sense (UQ mobile) build number 03.00.03 and earlier, AQUOS compact SH-M06 build number 02.00.02 and earlier, AQUOS sense plus SH-M07 build number 02.00.02 and earlier, AQUOS sense2 SH-M08 build number 02.00.05 and earlier, and AQUOS sense2 (UQ mobile) build number 02.00.06 and earlier) allow an attacker to obtain the sensitive information of the device via malicious applications installed on the device.

Metrics

CVSS 3.1

7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Probability

1.20%

64.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-200

Affected Software

Vendor	Product	Versions
Sharp	Aquos Sh-M02 Firmware	<= 01.00.05
Sharp	Aquos Sh-Rm02 Firmware	<= 01.00.04
Sharp	Aquos Mini Sh-M03 Firmware	<= 01.00.04
Sharp	Aquos Mini Sh-M03 Firmware	<= 01.00.01
Sharp	Aquos L2 Firmware	<= 01.00.05
Sharp	Aquos Sense Lite Sh-M05 Firmware	<= 03.00.04
Sharp	Aquos Sense Firmware	<= 03.00.03
Sharp	Aquos Compact Sh-M06 Firmware	<= 02.00.02
Sharp	Aquos Sense Plus Sh-M07 Firmware	<= 0.2.00.02
Sharp	Aquos Sense2 Sh-M08 Firmware	<= 02.00.05
Sharp	Aquos Sense2 Firmware	<= 02.00.06

References

https://jvn.jp/en/jp/JVN93064451/index.htmlThird Party Advisory
https://k-tai.sharp.co.jp/support/info/info036.htmlThird Party Advisory
https://jvn.jp/en/jp/JVN93064451/index.htmlThird Party Advisory
https://k-tai.sharp.co.jp/support/info/info036.htmlThird Party Advisory

Timeline

Published: Apr 23, 2020
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-5571?

How severe is CVE-2020-5571?

CVE-2020-5571 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.20% probability of exploitation in the next 30 days.

How do I fix CVE-2020-5571?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-5571?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST