CVE-2019-5251

Summary

There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.

Affected Software

VendorProductVersion RangeStatus
n/aHonor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20sVersions earlier than 9.1.0.333(C00E333R2P1T8)affected
n/aHonor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20sVersions earlier than 9.1.0.226(C00E220R2P1)affected
n/aHonor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20sVersions earlier than 9.1.0.130(C00E115R2P8T8)affected
n/aHonor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20sVersions earlier than 9.1.0.139(C00E133R3P1)affected
n/aHonor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20sVersions earlier than 9.1.0.130(C00E112R2P10T8)affected
n/aHonor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20sVersions earlier than 9.1.0.143(C636E5R1P5T8)affected
n/aHonor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20sVersions earlier than 9.1.0.120(C00E113R1P6T8)affected
n/aHonor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20sVersions earlier than 9.1.1.150(C00E150R1P150)affected
n/aHonor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20sVersions earlier than 9.1.0.226(C00E210R2P1)affected
n/aHonor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20sVersions earlier than 9.1.1.132(C00E131R6P1)affected

Weaknesses

  • Path Traversal

ADP Enrichment

CVE Program Container

Additional References

References