Authorization Bypass Vulnerability in Huawei Honor V10 Smartphones
CVE-2019-5295
6.4MEDIUM
Summary
The Honor V10 smartphones manufactured by Huawei contain a security flaw due to an inadequate authorization implementation. This vulnerability allows attackers to circumvent certain authorization scopes, enabling them to execute specific actions that should only be available to authorized users. Unsanctioned access may lead to unauthorized modifications or interactions with system features, posing a significant risk to the integrity and privacy of user data.
Affected Version(s)
Honor V10 Versions earlier than Berkeley-AL20 9.0.0.125(C00E125R2P14T8)
References
CVSS V3.1
Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved