Information Leak Vulnerability in Huawei Mate 9 Pro Smartphones
CVE-2019-5244
5.5MEDIUM
Summary
The Mate 9 Pro from Huawei is susceptible to an information leak that arises from insufficient input validation. This vulnerability enables an attacker to manipulate a user with root privileges into installing malicious applications. Once installed, such applications can access sensitive process information, potentially leading to unauthorized disclosure of user data. The affected versions include all Mate 9 Pro devices running earlier than LON-L29C 8.0.0.361(C636). To maintain user security, it is crucial for users to update their devices and be cautious of suspicious applications.
Affected Version(s)
Mate 9 Pro Earlier than LON-L29C 8.0.0.361(C636) versions
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved