CVE-2019-5211

CWE-20Improper Input Validation3 documents3 sources
Severity
5.7MEDIUM
EPSS
0.1%
top 76.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei P20 Firmware
Timeline
PublishedNov 29
Latest updateMay 24

Description

The Huawei Share function of P20 phones with versions earlier than Emily-L29C 9.1.0.311 has an improper file management vulnerability. The attacker tricks the victim to perform certain operations on the mobile phone during file transfer. Because the file is not properly processed, successfully exploit may cause some files on the victim's mobile phone are deleted.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.1 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/p20_firmware< emily-l29c_9.1.0.311\(c10e2r1p13t8\)+3
CVEListV5p20Versions earlier than Emily-L29C 9.1.0.311(C10E2R1P13T8), Versions earlier than Emily-L29C 9.1.0.311(C461E2R1P11T8),Versions earlier than Emily-L29C 9.1.0.311(C605E2R1P12T8), Versions earlier than Emily-L29C 9.1.0.311(C432E7R1P11T8)

🔴Vulnerability Details

2
GHSA
GHSA-5pwx-hqqw-2m2r: The Huawei Share function of P20 phones with versions earlier than Emily-L29C 92022-05-24
CVEList
CVE-2019-5211: The Huawei Share function of P20 phones with versions earlier than Emily-L29C 92019-11-29
CVE-2019-5211 (MEDIUM CVSS 5.7) | The Huawei Share function of P20 ph | cvebase.io