Authorization Bypass Vulnerability in Huawei Honor V10 Smartphones
CVE-2019-5295

6.4MEDIUM

Key Information:

Vendor
Huawei
Status
Vendor
CVE Published:
6 June 2019

Summary

The Honor V10 smartphones manufactured by Huawei contain a security flaw due to an inadequate authorization implementation. This vulnerability allows attackers to circumvent certain authorization scopes, enabling them to execute specific actions that should only be available to authorized users. Unsanctioned access may lead to unauthorized modifications or interactions with system features, posing a significant risk to the integrity and privacy of user data.

Affected Version(s)

Honor V10 Versions earlier than Berkeley-AL20 9.0.0.125(C00E125R2P14T8)

References

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.