Information Leakage Vulnerability in Huawei Smartphones
CVE-2019-5279

5.5MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
13 November 2019

Summary

Huawei smartphones, specifically the Emily-L29C model, are susceptible to an information leakage issue. This vulnerability allows an attacker to trick users into installing a malicious application. Once the malicious app is installed, it can copy sensitive files to the sdcard, leading to unauthorized access to personal and confidential information. The affected versions are prior to 9.1.0.311 and 9.1.0.316 across several configurations of the device. Users should exercise caution when installing applications and ensure their devices are updated to mitigate this risk.

Affected Version(s)

Emily-L29C Versions earlier than 9.1.0.311(C10E2R1P13T8), Versions earlier than 9.1.0.311(C461E2R1P11T8), Versions earlier than 9.1.0.316(C635E2R1P11T8), Versions earlier than 9.1.0.311(C185E2R1P12T8), Versions earlier than 9.1.0.311(C605E2R1P12T8), Versions earlier than 9.1.0.311(C636E7R1P13T8)

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.