Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20190911-01-SMARTPHONE
HistorySep 11, 2019 - 12:00 a.m.

Security Advisory - Race Condition Vulnerability on Several Smartphones

2019-09-1100:00:00
Huawei Technologies
www.huawei.com
20

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

31.4%

JSON

There is a race condition vulnerability on certain detection module of smartphone. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution. (Vulnerability ID: HWPSIRT-2019-06114)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-5228.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en

Affected configurations

Vulners
Node
huaweihonor_20_pro_firmwareRange<9.1.0.154
OR
huaweihonor_20_pro_firmwareRange<9.1.0.154
OR
huaweihonor_20_pro_firmwareRange<9.1.0.154D
OR
huaweihonor_20_pro_firmwareRange<9.1.0.155
OR
huaweimate_20_firmwareRange<9.1.0.131
OR
huaweimate_20_firmwareRange<9.1.0.135
OR
huaweimate_20_pro_firmwareRange<9.1.0.300
OR
huaweimate_20_pro_firmwareRange<9.1.0.300
OR
huaweimate_20_pro_firmwareRange<9.1.0.300
OR
huaweimate_20_pro_firmwareRange<9.1.0.300
OR
huaweimate_20_pro_firmwareRange<9.1.0.300
OR
huaweimate_20_pro_firmwareRange<9.1.0.300
OR
huaweimate_20_pro_firmwareRange<9.1.0.300
OR
huaweimate_20_pro_firmwareRange<9.1.0.300
OR
huaweimate_20_pro_firmwareRange<9.1.0.300
OR
huaweimate_20_pro_firmwareRange<9.1.0.302
OR
huaweimate_20_pro_firmwareRange<9.1.0.303
OR
huaweimate_20_pro_firmwareRange<9.1.0.304
OR
huaweimate_20_pro_firmwareRange<9.1.0.310
OR
huaweimate_20_pro_firmwareRange<9.1.0.310
OR
huaweimate_20_pro_firmwareRange<9.1.0.310
OR
huaweimate_20_pro_firmwareRange<9.1.0.310
OR
huaweimate_20_pro_firmwareRange<9.1.0.310
OR
huaweimate_20_pro_firmwareRange<9.1.0.310
OR
huaweimate_20_pro_firmwareRange<9.1.0.310
OR
huaweimate_20_x_firmwareRange<9.1.0.127
OR
huaweimate_20_x_firmwareRange<9.1.0.135
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_firmwareRange<9.1.0.193
OR
huaweip30_pro_firmwareRange<9.1.0.193
OR
huaweip30_pro_firmwareRange<9.1.0.193
OR
huaweihonor_view_20_firmwareRange<9.1.0.229
OR
huaweihonor_view_20_firmwareRange<9.1.0.229
OR
huaweihonor_view_20_firmwareRange<9.1.0.230
OR
huaweihonor_view_20_firmwareRange<9.1.0.230
OR
huaweihonor_view_20_firmwareRange<9.1.0.230
OR
huaweihonor_view_20_firmwareRange<9.1.0.235
OR
huaweilaya-al00ep_firmwareRange<9.1.0.135
OR
huaweiprinceton-al10b_firmwareRange<9.1.0.233
OR
huaweiprinceton-tl10c_firmwareRange<9.1.0.233
OR
huaweitony-tl00b_firmwareRange<10.0.0.175
OR
huaweiyale-l21a_firmwareRange<9.1.0.154
OR
huaweiyale-l21a_firmwareRange<9.1.0.154
OR
huaweiyale-l21a_firmwareRange<9.1.0.154
OR
huaweiyale-l21a_firmwareRange<9.1.0.154
OR
huaweiyale-l21a_firmwareRange<9.1.0.154
OR
huaweiyale-l21a_firmwareRange<9.1.0.154
OR
huaweiyale-l21a_firmwareRange<9.1.0.154
OR
huaweiyale-l21a_firmwareRange<9.1.0.154
OR
huaweiyale-l21a_firmwareRange<9.1.0.154
OR
huaweiyale-l21a_firmwareRange<9.1.0.154
OR
huaweiyale-l21a_firmwareRange<9.1.0.154D
OR
huaweiyale-l21a_firmwareRange<9.1.0.154D
OR
huaweiyale-tl00b_firmwareRange<9.1.0.152
OR
huaweiyalep-al10b_firmwareRange<9.1.0.152
VendorProductVersionCPE
huaweihonor_20_pro_firmware*cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*
huaweimate_20_firmware*cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*
huaweimate_20_pro_firmware*cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*
huaweimate_20_x_firmware*cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*
huaweip30_firmware*cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*
huaweip30_pro_firmware*cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*
huaweihonor_view_20_firmware*cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*
huaweilaya-al00ep_firmware*cpe:2.3:o:huawei:laya-al00ep_firmware:*:*:*:*:*:*:*:*
huaweiprinceton-al10b_firmware*cpe:2.3:o:huawei:princeton-al10b_firmware:*:*:*:*:*:*:*:*
huaweiprinceton-tl10c_firmware*cpe:2.3:o:huawei:princeton-tl10c_firmware:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 141

Related

cve 1
prion 1
cvelist 1
nvd 1
cve
cve
CVE-2019-5228
2019-11-12 23:15:10
prion
prion
Race condition
2019-11-12 23:15:00
cvelist
cvelist
CVE-2019-5228
2019-11-12 22:42:29
nvd
nvd
CVE-2019-5228
2019-11-12 23:15:10

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

31.4%

JSON
Related for HUAWEI-SA-20190911-01-SMARTPHONE
cve1prion1cvelist1nvd1