Improper Access Control in Huawei Share Software
CVE-2019-5212

5.5MEDIUM

Key Information:

Vendor
Huawei
Status
Vendor
CVE Published:
29 November 2019

Summary

An improper access control vulnerability exists in Huawei Share, allowing unauthorized access to specific files when exploited. This is achieved by tricking users into installing a malicious application, which can then establish a connection with the attacker's device through Huawei Share. If successfully exploited, this vulnerability can lead to the disclosure of sensitive information.

Affected Version(s)

P20 Versions earlier than Emily-L29C 9.1.0.311(C10E2R1P13T8), Versions earlier than Emily-L29C 9.1.0.311(C461E2R1P11T8),Versions earlier than Emily-L29C 9.1.0.311(C605E2R1P12T8), Versions earlier than Emily-L29C 9.1.0.311(C432E7R1P11T8)

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.