CVE-2019-5216Race Condition in Huawei Honor 10 Firmware

CWE-362Race Condition3 documents3 sources
Severity
7.0HIGHNVD
EPSS
0.1%
top 75.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Huawei Honor 10 FirmwareHuawei Honor Play FirmwareHuawei Honor View 10 Firmware
Timeline
PublishedJun 6
Latest updateMay 24

Description

There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A 9.0.0.156(C00E156R1P13T8). An attacker tricks the user into installing a malicious application, which makes multiple processes to operate the same variate at the same time. Successful exploit could cause execution of m

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages3 packages

NVDhuawei/honor_play_firmware< cornell-al00a_9.0.0.156\(c00e156r1p13t8\)
NVDhuawei/honor_10_firmware< columbia-al10b_9.0.0.156\(c00e156r1p20t8\)
NVDhuawei/honor_view_10_firmware< berkeley-al20_9.0.0.156\(c00e156r2p14t8\)

🔴Vulnerability Details

2
GHSA
GHSA-657p-ghh6-v8fr: There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 92022-05-24
CVEList
CVE-2019-5216: There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 92019-06-06
CVE-2019-5216 — Race Condition in Huawei | cvebase