Information Leak Vulnerability in Huawei Mate 9 Pro Smartphones
CVE-2019-5244

5.5MEDIUM

Key Information:

Vendor: Huawei
Status: Mate 9 Pro
Vendor: CVE Published:; 4 June 2019

Summary

The Mate 9 Pro from Huawei is susceptible to an information leak that arises from insufficient input validation. This vulnerability enables an attacker to manipulate a user with root privileges into installing malicious applications. Once installed, such applications can access sensitive process information, potentially leading to unauthorized disclosure of user data. The affected versions include all Mate 9 Pro devices running earlier than LON-L29C 8.0.0.361(C636). To maintain user security, it is crucial for users to update their devices and be cautious of suspicious applications.

Affected Version(s)

Mate 9 Pro Earlier than LON-L29C 8.0.0.361(C636) versions

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 4, 2019
Vulnerability Reserved
Jan 4, 2019