CVE-2019-5252 Information

Description

There is an improper authentication vulnerability in Huawei smartphones (Y9 Honor 8X Honor 9 Lite Honor 9i Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Reference

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

3.5