CVE-2019-5244

CWE-20Improper Input Validation3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 71.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Mate 9 PRO FimwareHuawei Mate 9 PRO
Timeline
PublishedJun 4
Latest updateMay 24

Description

Mate 9 Pro Huawei smartphones earlier than LON-L29C 8.0.0.361(C636) versions have an information leak vulnerability due to the lack of input validation. An attacker tricks the user who has root privilege to install an application on the smart phone, and the application can read some process information, which may cause sensitive information leak.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/mate_9_pro_fimware< lon-l29c_8.0.0.361\(c636\)
CVEListV5huawei/mate_9_proEarlier than LON-L29C 8.0.0.361(C636) versions

🔴Vulnerability Details

2
GHSA
GHSA-h243-hj7h-322p: Mate 9 Pro Huawei smartphones earlier than LON-L29C 82022-05-24
CVEList
CVE-2019-5244: Mate 9 Pro Huawei smartphones earlier than LON-L29C 82019-06-04
CVE-2019-5244 (MEDIUM CVSS 5.5) | Mate 9 Pro Huawei smartphones earli | cvebase.io