CVE-2019-5279

Huawei smart phones Emily-L29C with Versions earlier than 9.1.0.311(C10E2R1P13T8), Versions earlier than 9.1.0.311(C461E2R1P11T8), Versions earlier than 9.1.0.316(C635E2R1P11T8), Versions earlier than 9.1.0.311(C185E2R1P12T8), Versions earlier than 9.1.0.311(C605E2R1P12T8), Versions earlier than 9.1.0.311(C636E7R1P13T8) have an information leakage vulnerability. An attacker tricks the user into installing a malicious application, which can copy specific files to the sdcard, resulting in information leakage.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
huaweiCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
VendorProductVersion
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c10e2r1p13t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c461e2r1p11t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.316\(c635e2r1p11t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c185e2r1p12t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c605e2r1p12t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c636e7r1p13t8\)
𝑥
= Vulnerable software versions
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-02-smartphone-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-02-smartphone-en