CVE-2019-5244 — MEDIUM (5.5)

Q: How severe is CVE-2019-5244?

CVE-2019-5244 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-5244?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 9 Pro Fimware, Huawei Mate 9 Pro.

Vulnerability Description

Mate 9 Pro Huawei smartphones earlier than LON-L29C 8.0.0.361(C636) versions have an information leak vulnerability due to the lack of input validation. An attacker tricks the user who has root privilege to install an application on the smart phone, and the application can read some process information, which may cause sensitive information leak.

CVSS Score

5.5

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Huawei	Mate 9 Pro Fimware	< lon-l29c_8.0.0.361\(c636\)
Huawei	Mate 9 Pro	-

Related Weaknesses (CWE)

CWE-20

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-informVendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-informVendor Advisory

FAQ

What is CVE-2019-5244?

CVE-2019-5244 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Mate 9 Pro Huawei smartphones earlier than LON-L29C 8.0.0.361(C636) versions have an information leak vulnerability due to the lack of input validation. An attacker tricks the user who has root privil...

How severe is CVE-2019-5244?

CVE-2019-5244 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-5244?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mate 9 Pro Fimware, Huawei Mate 9 Pro.