CVE-2019-5292

3 documents3 sources

Severity

3.3LOW

EPSS

0.1%

top 82.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Honor 10 Lite Firmware Huawei Honor 8A Firmware Huawei Huawei Y6 Firmware

Timeline

PublishedNov 13

Latest updateMay 24

Description

Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages3 packages

▶NVDhuawei/honor_10_lite_firmware< 9.1.0.217\(c00e215r3p1\)

▶NVDhuawei/honor_8a_firmware< 9.1.0.205\(c00e97r1p9\)

▶NVDhuawei/huawei_y6_firmware< 9.1.0.205\(c00e97r2p2\)

🔴Vulnerability Details

GHSA

GHSA-h58v-f39m-6qhf: Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9↗2022-05-24

▶

CVEList

CVE-2019-5292: Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9↗2019-11-13

▶