Vulnerability Description
There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A 9.0.0.156(C00E156R1P13T8). An attacker tricks the user into installing a malicious application, which makes multiple processes to operate the same variate at the same time. Successful exploit could cause execution of malicious code.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Honor View 10 Firmware | < berkeley-al20_9.0.0.156\(c00e156r2p14t8\) |
| Huawei | Honor View 10 | - |
| Huawei | Honor 10 Firmware | < columbia-al10b_9.0.0.156\(c00e156r1p20t8\) |
| Huawei | Honor 10 | - |
| Huawei | Honor Play Firmware | < cornell-al00a_9.0.0.156\(c00e156r1p13t8\) |
| Huawei | Honor Play | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190116-01-smartphVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190116-01-smartphVendor Advisory
FAQ
What is CVE-2019-5216?
CVE-2019-5216 is a vulnerability with a CVSS score of 7.0 (HIGH). There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.1...
How severe is CVE-2019-5216?
CVE-2019-5216 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-5216?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Honor View 10 Firmware, Huawei Honor View 10, Huawei Honor 10 Firmware, Huawei Honor 10, Huawei Honor Play Firmware.