CVE-2019-5231 — MEDIUM (4.6)

Q: How severe is CVE-2019-5231?

CVE-2019-5231 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-5231?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei P30 Firmware, Huawei P30.

Vulnerability Description

P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1) have an improper authorization vulnerability. The software incorrectly performs an authorization check when a user attempts to perform certain action. Successful exploit could allow the attacker to update a crafted package.

CVSS Score

4.6

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Huawei	P30 Firmware	< elle-al00b_9.1.0.186\(c00e180r2p1\)
Huawei	P30	-

Related Weaknesses (CWE)

CWE-863

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190930-01-smartphVendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190930-01-smartphVendor Advisory

FAQ

What is CVE-2019-5231?

CVE-2019-5231 is a vulnerability with a CVSS score of 4.6 (MEDIUM). P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1) have an improper authorization vulnerability. The software incorrectly performs an authorization check when a user attempts...

How severe is CVE-2019-5231?

CVE-2019-5231 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-5231?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei P30 Firmware, Huawei P30.