CVE-2019-5244

5.5MEDIUM

Key Information:

Vendor: Huawei
Status: Mate 9 Pro
Vendor: CVE Published:; 4 June 2019

Summary

Mate 9 Pro Huawei smartphones earlier than LON-L29C 8.0.0.361(C636) versions have an information leak vulnerability due to the lack of input validation. An attacker tricks the user who has root privilege to install an application on the smart phone, and the application can read some process information, which may cause sensitive information leak.

Affected Version(s)

Mate 9 Pro Earlier than LON-L29C 8.0.0.361(C636) versions

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 4, 2019
Vulnerability Reserved
Jan 4, 2019