CVE-2019-5292

Published: Nov 13, 2019Modified: Nov 21, 2024

3.3

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 1.8 / Impact: 1.4

Source: NVD

Description

Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information.

Affected (3)

Products: Huawei: Honor 10 Lite Firmware, Honor 8a Firmware, Huawei Y6 Firmware

Huawei

3 products

Honor 10 Lite Firmware

Honor 8a Firmware

Huawei Y6 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Honor 10 Lite Firmware	Before 9.1.0.217\(c00e215r3p1\)

Running on/with	Platform Versions
Huawei Honor 10 Lite	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Honor 8a Firmware	Before 9.1.0.205\(c00e97r1p9\)

Running on/with	Platform Versions
Huawei Honor 8a	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Huawei Y6 Firmware	Before 9.1.0.205\(c00e97r2p2\)

Running on/with	Platform Versions
Huawei Huawei Y6	All versions

References (2)

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-phone-en

Source: psirt@huawei.com

Vendor Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-phone-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.