Vulnerability Description
P20 Pro, P20, Mate RS smartphones with versions earlier than Charlotte-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than Emily-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than NEO-AL00D NEO-AL00 9.1.0.321(C786E320R1P1T8) have an improper validation vulnerability. The system does not perform a properly validation of certain input models, an attacker could trick the user to install a malicious application then craft a malformed model, successful exploit could allow the attacker to get and tamper certain output data information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | P20 Pro Firmware | < charlotte-al00a_9.1.0.321\(c00e320r1p1t8\) |
| Huawei | P20 Pro | - |
| Huawei | P20 Firmware | < emily-al00a_9.1.0.321\(c00e320r1p1t8\) |
| Huawei | P20 | - |
| Huawei | Mate Rs Firmware | < neo-al00d_neo-al00_9.1.0.321\(c786e320r1p1t8\) |
| Huawei | Mate Rs | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-03-smartphVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-03-smartphVendor Advisory
FAQ
What is CVE-2019-5230?
CVE-2019-5230 is a vulnerability with a CVSS score of 5.5 (MEDIUM). P20 Pro, P20, Mate RS smartphones with versions earlier than Charlotte-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than Emily-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than NEO-AL00D NEO-A...
How severe is CVE-2019-5230?
CVE-2019-5230 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-5230?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei P20 Pro Firmware, Huawei P20 Pro, Huawei P20 Firmware, Huawei P20, Huawei Mate Rs Firmware.