CVE-2019-5279

Huawei smart phones Emily-L29C with Versions earlier than 9.1.0.311(C10E2R1P13T8), Versions earlier than 9.1.0.311(C461E2R1P11T8), Versions earlier than 9.1.0.316(C635E2R1P11T8), Versions earlier than 9.1.0.311(C185E2R1P12T8), Versions earlier than 9.1.0.311(C605E2R1P12T8), Versions earlier than 9.1.0.311(C636E7R1P13T8) have an information leakage vulnerability. An attacker tricks the user into installing a malicious application, which can copy specific files to the sdcard, resulting in information leakage.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c10e2r1p13t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c461e2r1p11t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.316\(c635e2r1p11t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c185e2r1p12t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c605e2r1p12t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c636e7r1p13t8\)
𝑥
= Vulnerable software versions
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-02-smartphone-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-02-smartphone-en