CVE-2019-5295
6.4
Vector
CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.5 / Impact: 5.9
Source: NVD
Description
Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.125(C00E125R2P14T8) have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This vulnerability can be exploited to perform operations beyond the scope of authorization.
Affected (1)
Products: Huawei: Honor View 10 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before berkeley-al20_9.0.0.125\(c00e125r2p14t8\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Honor View 10 | All versions |
References (2)
Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.