CVE-2019-5263

5.5MEDIUM

Key Information:

Vendor: Huawei
Status: Hisuite, Hwbackup
Vendor: CVE Published:; 29 November 2019

Summary

HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting the backup.

Affected Version(s)

HiSuite, HwBackup 9.1.0.305 and earlier versions, 9.1.0.305(MAC) and earlier versions, Earlier versions before 9.1.1.308

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 29, 2019
Vulnerability Reserved
Jan 4, 2019