Remote Code Execution Vulnerability in Huawei PCManager
CVE-2019-5237

7.8HIGH

Key Information:

Vendor: Huawei
Status: Pcmanager
Vendor: CVE Published:; 8 August 2019

Summary

Huawei PCManager, prior to versions 9.0.1.66 for Oversea and 9.0.1.70 for China, contains a vulnerability that allows malicious actors to execute arbitrary code. Exploitation of this flaw may lead to unauthorized access, enabling attackers to read or write sensitive information, posing a significant risk to systems running affected versions.

Affected Version(s)

PCManager versions before PCManager 9.0.1.66 (Oversea)

PCManager versions before PCManager 9.0.1.70 (China)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 8, 2019
Vulnerability Reserved
Jan 4, 2019