← Retour aux CVEs
CVE-2019-5218
HIGH8.8
Description
There is an insufficient authentication vulnerability in Huawei Band 2 and Honor Band 3. The band does not sufficiently authenticate the device try to connect to it in certain scenario. Successful exploit could allow the attacker to spoof then connect to the band.
Details CVE
Score CVSS v3.18.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueADJACENT_NETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie11/29/2019
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
huawei:band_2huawei:band_2_firmwarehuawei:band_3huawei:band_3_firmware
Faiblesses (CWE)
CWE-287
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191106-01-band-en(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.