CVE-2019-5252
Severity Score
3.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
Hay una vulnerabilidad de autenticación inapropiada en los teléfonos inteligentes Huawei (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). El componente applock no realiza una autenticación suficiente en una condición extraña. La explotación con éxito podría permitir al atacante usar la aplicación bloqueada por applock en un instante.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-01-04 CVE Reserved
- 2019-12-13 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en | 2019-12-27 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Enjoy 8 Plus Firmware Search vendor "Huawei" for product "Enjoy 8 Plus Firmware" | < 9.1.0.124\(c00e112r1p6t8\) Search vendor "Huawei" for product "Enjoy 8 Plus Firmware" and version " < 9.1.0.124\(c00e112r1p6t8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Enjoy 8 Plus Search vendor "Huawei" for product "Enjoy 8 Plus" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Y9 Firmware Search vendor "Huawei" for product "Y9 Firmware" | < 9.1.0.131\(c432e6r1p5t8\) Search vendor "Huawei" for product "Y9 Firmware" and version " < 9.1.0.131\(c432e6r1p5t8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Y9 Search vendor "Huawei" for product "Y9" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Honor 8x Firmware Search vendor "Huawei" for product "Honor 8x Firmware" | < 9.1.0.217\(c00e15r3p2t8\) Search vendor "Huawei" for product "Honor 8x Firmware" and version " < 9.1.0.217\(c00e15r3p2t8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor 8x Search vendor "Huawei" for product "Honor 8x" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Honor 8x Firmware Search vendor "Huawei" for product "Honor 8x Firmware" | < 9.1.0.237\(c432e1r3p2t8\) Search vendor "Huawei" for product "Honor 8x Firmware" and version " < 9.1.0.237\(c432e1r3p2t8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor 8x Search vendor "Huawei" for product "Honor 8x" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Honor 8x Firmware Search vendor "Huawei" for product "Honor 8x Firmware" | < 9.1.0.237\(c636e2r4p1t8\) Search vendor "Huawei" for product "Honor 8x Firmware" and version " < 9.1.0.237\(c636e2r4p1t8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor 8x Search vendor "Huawei" for product "Honor 8x" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Honor 9 Lite Firmware Search vendor "Huawei" for product "Honor 9 Lite Firmware" | < 9.1.0.124\(c00e112r2p10t8\) Search vendor "Huawei" for product "Honor 9 Lite Firmware" and version " < 9.1.0.124\(c00e112r2p10t8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor 9 Lite Search vendor "Huawei" for product "Honor 9 Lite" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Honor 9 Lite Firmware Search vendor "Huawei" for product "Honor 9 Lite Firmware" | < 9.1.0.136\(c636e5r1p5t8\) Search vendor "Huawei" for product "Honor 9 Lite Firmware" and version " < 9.1.0.136\(c636e5r1p5t8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor 9 Lite Search vendor "Huawei" for product "Honor 9 Lite" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Honor 9i Firmware Search vendor "Huawei" for product "Honor 9i Firmware" | < 9.1.0.115\(c00e113r1p6t8\) Search vendor "Huawei" for product "Honor 9i Firmware" and version " < 9.1.0.115\(c00e113r1p6t8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor 9i Search vendor "Huawei" for product "Honor 9i" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Honor 9i Firmware Search vendor "Huawei" for product "Honor 9i Firmware" | < 9.1.0.122\(c636e4r1p4t8\) Search vendor "Huawei" for product "Honor 9i Firmware" and version " < 9.1.0.122\(c636e4r1p4t8\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor 9i Search vendor "Huawei" for product "Honor 9i" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Y6 Pro Firmware Search vendor "Huawei" for product "Y6 Pro Firmware" | < 9.1.0.248\(c636e5r3p1\) Search vendor "Huawei" for product "Y6 Pro Firmware" and version " < 9.1.0.248\(c636e5r3p1\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Y6 Pro Search vendor "Huawei" for product "Y6 Pro" | - | - |
Safe
|