Information Leak Vulnerability in Huawei Mate 9 Pro Smartphones
CVE-2019-5244

5.5MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
4 June 2019

Summary

The Mate 9 Pro from Huawei is susceptible to an information leak that arises from insufficient input validation. This vulnerability enables an attacker to manipulate a user with root privileges into installing malicious applications. Once installed, such applications can access sensitive process information, potentially leading to unauthorized disclosure of user data. The affected versions include all Mate 9 Pro devices running earlier than LON-L29C 8.0.0.361(C636). To maintain user security, it is crucial for users to update their devices and be cautious of suspicious applications.

Affected Version(s)

Mate 9 Pro Earlier than LON-L29C 8.0.0.361(C636) versions

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.