Information Disclosure Vulnerability in Huawei Smartphones
CVE-2019-5222

5.5MEDIUM

Key Information:

Vendor: Huawei
Status: Honor Magic 2
Vendor: CVE Published:; 17 July 2019

Summary

An information disclosure vulnerability exists in the Secure Input feature of specific Huawei smartphones. This flaw allows attackers to exploit system privileges by tricking users into installing malicious applications. If successfully exploited, this vulnerability can expose sensitive information, posing significant security risks to users. It is crucial that affected users update their devices to the latest firmware versions to mitigate this issue.

Affected Version(s)

Honor Magic 2 Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 17, 2019
Vulnerability Reserved
Jan 4, 2019