Race Condition Vulnerability in Huawei Honor Smartphones
CVE-2019-5216

7HIGH

Key Information:

Vendor: Huawei
Status: Honor V10, Honor 10, Honor Play
Vendor: CVE Published:; 6 June 2019

Summary

A race condition vulnerability exists in Huawei Honor V10, Honor 10, and Honor Play smartphones that allows attackers to install malicious applications. This vulnerability enables multiple processes to manipulate the same variable concurrently, which could lead to the execution of unauthorized code. Users are advised to use the latest software versions to protect their devices from potential exploitation.

Affected Version(s)

Honor V10, Honor 10, Honor Play Versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8)

Honor V10, Honor 10, Honor Play Versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8)

Honor V10, Honor 10, Honor Play Versions earlier than Cornell-AL00A 9.0.0.156(C00E156R1P13T8)

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 6, 2019
Vulnerability Reserved
Jan 4, 2019