CVE-2019-5281 — MEDIUM (4.6)

Q: How severe is CVE-2019-5281?

CVE-2019-5281 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-5281?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Y9 2019 Firmware, Huawei Y9 2019.

Vulnerability Description

There is an information leak vulnerability in some Huawei phones, versions earlier than Jackman-L21 8.2.0.155(C185R1P2). When a local attacker uses the camera of a smartphone, the attacker can exploit this vulnerability to obtain sensitive information by performing a series of operations.

CVSS Score

4.6

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Huawei	Y9 2019 Firmware	< jackman-l21_8.2.0.155\(c185r1p2\)
Huawei	Y9 2019	-

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190218-01-smartpVendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190218-01-smartpVendor Advisory

FAQ

What is CVE-2019-5281?

CVE-2019-5281 is a vulnerability with a CVSS score of 4.6 (MEDIUM). There is an information leak vulnerability in some Huawei phones, versions earlier than Jackman-L21 8.2.0.155(C185R1P2). When a local attacker uses the camera of a smartphone, the attacker can exploit...

How severe is CVE-2019-5281?

CVE-2019-5281 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-5281?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Y9 2019 Firmware, Huawei Y9 2019.