CVE-2019-5212

MEDIUM

5.5

Description

There is an improper access control vulnerability in Huawei Share. The software does not properly restrict access to certain file from certain application. An attacker tricks the user into installing a malicious application then establishing a connect to the attacker through Huawei Share, successful exploit could cause information disclosure.

CVE Details

CVSS v3.1 Score5.5

SeverityMEDIUM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Attack VectorLOCAL

ComplexityLOW

Privileges RequiredNONE

User InteractionREQUIRED

Published11/29/2019

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

huawei:p20huawei:p20_firmware

Weaknesses (CWE)

CWE-732

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-share-en(psirt@huawei.com)

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-share-en(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.