CVE-2019-5265 — Huawei P30 vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 59.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei P30 Huawei P30 Firmware

Timeline

PublishedDec 23

Latest updateMay 24

Description

Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5huawei/p309.1.0.193(C00E190R2P1)

▶NVDhuawei/p30_firmware9.1.0.193\(c00e190r2p1\)

🔴Vulnerability Details

GHSA

GHSA-h43f-65rj-8fvg: Huawei Share function in P30 9↗2022-05-24

▶

CVEList

CVE-2019-5265: Huawei Share function in P30 9↗2019-12-23

▶