Race Condition Vulnerability in Huawei Honor Smartphones
CVE-2019-5216

7HIGH

Key Information:

Vendor
Huawei
Vendor
CVE Published:
6 June 2019

Summary

A race condition vulnerability exists in Huawei Honor V10, Honor 10, and Honor Play smartphones that allows attackers to install malicious applications. This vulnerability enables multiple processes to manipulate the same variable concurrently, which could lead to the execution of unauthorized code. Users are advised to use the latest software versions to protect their devices from potential exploitation.

Affected Version(s)

Honor V10, Honor 10, Honor Play Versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8)

Honor V10, Honor 10, Honor Play Versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8)

Honor V10, Honor 10, Honor Play Versions earlier than Cornell-AL00A 9.0.0.156(C00E156R1P13T8)

References

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.