CVE-2019-5263

EUVD-2019-14868
HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting the backup.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
huaweihisuite
𝑥
≤ 9.1.0.305
huaweihisuite
𝑥
≤ 9.1.0.305
huaweihwbackup
𝑥
≤ 9.1.1.308
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-backup-en
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-backup-en