Lucene search

Huawei TechnologiesHUAWEI-SA-20191030-01-PHONE

HistoryOct 30, 2019 - 12:00 a.m.

Security Advisory - Information Leak Vulnerability in Some Huawei Products

2019-10-3000:00:00

Huawei Technologies

www.huawei.com

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

12.8%

JSON

Some Huawei mobile phones have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information. (Vulnerability ID: HWPSIRT-2019-04053)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-5292.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-phone-en

Affected configurations

Vulners

Node

huaweimate_s_firmwareRange<EMUI9.1.0.135

huaweihuawei_y6_2019Range<9.1.0.267

huaweihuawei_p30Range<9.1.0.193

huaweihuawei_y6_2019Range<9.1.0.234

huaweihuawei_nova_4Range<9.1.0.206

huaweihuawei_nova_4Range<9.1.0.225

huaweihuawei_nova_3Range<9.1.0.305

huaweihonor_10Range<9.1.0.266

huaweihonor_10Range<9.1.0.269

huaweihonor_10Range<9.1.0.273

huaweihonor_8aRange<9.1.0.234

CPENameOperatorVersion
huawei mate 20ltEMUI9.1.0.135
huawei p smart 2019lt9.1.0.267
huawei p30lt9.1.0.193
huawei y6 2019lt9.1.0.234
huawei y6 pro 2019lt9.1.0.234
huawei nova 4lt9.1.0.206
huawei nova 4lt9.1.0.225
huawei nova lite 3lt9.1.0.305
honor 10 litelt9.1.0.266
honor 10 litelt9.1.0.269

Name	Operator	Version
huawei mate 20	lt	EMUI9.1.0.135
huawei p smart 2019	lt	9.1.0.267
huawei p30	lt	9.1.0.193
huawei y6 2019	lt	9.1.0.234
huawei y6 pro 2019	lt	9.1.0.234
huawei nova 4	lt	9.1.0.206
huawei nova 4	lt	9.1.0.225
huawei nova lite 3	lt	9.1.0.305
honor 10 lite	lt	9.1.0.266
honor 10 lite	lt	9.1.0.269

Rows per page:

1-10 of 131

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

12.8%

JSON

Related for HUAWEI-SA-20191030-01-PHONE