CVE-2019-5230 Information

Description

P20 Pro P20 Mate RS smartphones with versions earlier than Charlotte-AL00A 9.1.0.321(C00E320R1P1T8) versions earlier than Emily-AL00A 9.1.0.321(C00E320R1P1T8) versions earlier than NEO-AL00D NEO-AL00 9.1.0.321(C786E320R1P1T8) have an improper validation vulnerability. The system does not perform a properly validation of certain input models an attacker could trick the user to install a malicious application then craft a malformed model successful exploit could allow the attacker to get and tamper certain output data information.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-03-smartphone-en

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

5.5