CVE-2019-5279

EUVD-2019-14884
Huawei smart phones Emily-L29C with Versions earlier than 9.1.0.311(C10E2R1P13T8), Versions earlier than 9.1.0.311(C461E2R1P11T8), Versions earlier than 9.1.0.316(C635E2R1P11T8), Versions earlier than 9.1.0.311(C185E2R1P12T8), Versions earlier than 9.1.0.311(C605E2R1P12T8), Versions earlier than 9.1.0.311(C636E7R1P13T8) have an information leakage vulnerability. An attacker tricks the user into installing a malicious application, which can copy specific files to the sdcard, resulting in information leakage.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
Affected Products (NVD)
VendorProductVersion
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c10e2r1p13t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c461e2r1p11t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.316\(c635e2r1p11t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c185e2r1p12t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c605e2r1p12t8\)
huaweiemily-l29c_firmware
𝑥
< 9.1.0.311\(c636e7r1p13t8\)
𝑥
= Vulnerable software versions
References
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-02-smartphone-en
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-02-smartphone-en