Vulnerability Description
Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Honor 10 Lite Firmware | < 9.1.0.217\(c00e215r3p1\) |
| Huawei | Honor 10 Lite | - |
| Huawei | Honor 8A Firmware | < 9.1.0.205\(c00e97r1p9\) |
| Huawei | Honor 8A | - |
| Huawei | Huawei Y6 Firmware | < 9.1.0.205\(c00e97r2p2\) |
| Huawei | Huawei Y6 | - |
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-phone-eVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-phone-eVendor Advisory
FAQ
What is CVE-2019-5292?
CVE-2019-5292 is a vulnerability with a CVSS score of 3.3 (LOW). Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an informati...
How severe is CVE-2019-5292?
CVE-2019-5292 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-5292?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Honor 10 Lite Firmware, Huawei Honor 10 Lite, Huawei Honor 8A Firmware, Huawei Honor 8A, Huawei Huawei Y6 Firmware.