CVE-2019-5226
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
Los teléfonos inteligentes P30, P30 Pro, Mate 20 con software de versiones anteriores a ELLE-AL00B 9.1.0.193(C00E190R2P1), versiones anteriores a VOGUE-AL00A 9.1.0.193(C00E190R2P1), versiones anteriores a Hima-AL00B 9.1.0.135 (C00E133R2P1) y HiSuite con versiones anteriores a HiSuite 9.1.0.305, presentan una vulnerabilidad de degradación de versión. El dispositivo y el software HiSuite no comprueban el paquete de actualización suficientemente, de modo que el sistema del teléfono inteligente puede degradarse a una versión anterior.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-04 CVE Reserved
- 2019-11-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-346: Origin Validation Error
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en | 2021-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | P30 Firmware Search vendor "Huawei" for product "P30 Firmware" | < elle-al00b_9.1.0.193\(c00e190r2p1\) Search vendor "Huawei" for product "P30 Firmware" and version " < elle-al00b_9.1.0.193\(c00e190r2p1\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | P30 Search vendor "Huawei" for product "P30" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | P30 Pro Firmware Search vendor "Huawei" for product "P30 Pro Firmware" | < vogue-al00a_9.1.0.193\(c00e190r2p1\) Search vendor "Huawei" for product "P30 Pro Firmware" and version " < vogue-al00a_9.1.0.193\(c00e190r2p1\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | P30 Pro Search vendor "Huawei" for product "P30 Pro" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Mate 20 Firmware Search vendor "Huawei" for product "Mate 20 Firmware" | < hima-al00b_9.1.0.135\(c00e133r2p1\) Search vendor "Huawei" for product "Mate 20 Firmware" and version " < hima-al00b_9.1.0.135\(c00e133r2p1\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Mate 20 Search vendor "Huawei" for product "Mate 20" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Hisuite Firmware Search vendor "Huawei" for product "Hisuite Firmware" | < 9.1.0.305 Search vendor "Huawei" for product "Hisuite Firmware" and version " < 9.1.0.305" | - |
Affected
| in | Huawei Search vendor "Huawei" | Hisuite Search vendor "Huawei" for product "Hisuite" | - | - |
Safe
|