Improper File Management Vulnerability in Huawei P20 Phones
CVE-2019-5211

5.7MEDIUM

Key Information:

Vendor: Huawei
Status: P20
Vendor: CVE Published:; 29 November 2019

What is CVE-2019-5211?

The Huawei Share function on P20 phones prior to version Emily-L29C 9.1.0.311 is susceptible to an improper file management vulnerability. This allows attackers to exploit file transfer processes by tricking victims into performing specific actions, potentially leading to the deletion of critical files from the victim's device. Proper safeguards are essential to protect user data during file operations in this context.

Affected Version(s)

P20 Versions earlier than Emily-L29C 9.1.0.311(C10E2R1P13T8), Versions earlier than Emily-L29C 9.1.0.311(C461E2R1P11T8),Versions earlier than Emily-L29C 9.1.0.311(C605E2R1P12T8), Versions earlier than Emily-L29C 9.1.0.311(C432E7R1P11T8)

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 29, 2019
Vulnerability Reserved
Jan 4, 2019