CVE-2019-5245

CWE-427CWE-4263 documents3 sources
Severity
5.3MEDIUM
EPSS
0.1%
top 81.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Hisuite
Timeline
PublishedJun 13
Latest updateMay 24

Description

HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing that could execute arbitrary code.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages2 packages

NVDhuawei/hisuite9.1.0.300
CVEListV5hisuiteEarlier than HiSuite 9.1.0.300 versions

🔴Vulnerability Details

2
GHSA
GHSA-r999-q7xx-m77p: HiSuite 92022-05-24
CVEList
CVE-2019-5245: HiSuite 92019-06-13
CVE-2019-5245 (MEDIUM CVSS 5.3) | HiSuite 9.1.0.300 versions and earl | cvebase.io