Improper Access Control in Huawei Share Software
CVE-2019-5212
5.5MEDIUM
Summary
An improper access control vulnerability exists in Huawei Share, allowing unauthorized access to specific files when exploited. This is achieved by tricking users into installing a malicious application, which can then establish a connection with the attacker's device through Huawei Share. If successfully exploited, this vulnerability can lead to the disclosure of sensitive information.
Affected Version(s)
P20 Versions earlier than Emily-L29C 9.1.0.311(C10E2R1P13T8), Versions earlier than Emily-L29C 9.1.0.311(C461E2R1P11T8),Versions earlier than Emily-L29C 9.1.0.311(C605E2R1P12T8), Versions earlier than Emily-L29C 9.1.0.311(C432E7R1P11T8)
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved