Huawei Mate 20 Command out-of-bounds read

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Huawei Mate 20 (Smartphone Operating System) (the affected version unknown). It has been classified as critical. This affects an unknown code. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field06/05/2019 09:13 AM06/19/2020 11:35 AM
typeSmartphone Operating SystemSmartphone Operating System
vendorHuaweiHuawei
nameMate 20Mate 20
input_typeCommandCommand
discoverydate15506208001550620800
cwe125 (information disclosure)125 (information disclosure)
risk22
cvss2_vuldb_basescore4.14.1
cvss2_vuldb_tempscore4.14.1
cvss2_vuldb_avLL
cvss2_vuldb_acMM
cvss2_vuldb_auSS
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_nvd_avLL
cvss2_nvd_acLL
cvss2_nvd_auSS
cvss2_nvd_ciNN
cvss2_nvd_iiNN
cvss2_nvd_aiPP
cvss3_meta_basescore4.64.6
cvss3_meta_tempscore4.64.6
cvss3_vuldb_basescore5.35.3
cvss3_vuldb_tempscore5.35.3
cvss3_vuldb_avLL
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_nvd_avPP
cvss3_nvd_acLL
cvss3_nvd_prHH
cvss3_nvd_uiNN
cvss3_nvd_sUU
cvss3_nvd_cNN
cvss3_nvd_iNN
cvss3_nvd_aHH
date1559606400 (06/04/2019)1559606400 (06/04/2019)
urlhttps://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-phone-enhttps://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-phone-en
price_0day$5k-$25k$5k-$25k
cveCVE-2019-5296CVE-2019-5296
cve_assigned15465600001546560000
cve_nvd_summaryMate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read vulnerability. An attacker with a high permission runs some specific commands on the smartphone. Due to insufficient input verification, successful exploit may cause out-of-bounds read of the memory and the system abnormal.Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read vulnerability. An attacker with a high permission runs some specific commands on the smartphone. Due to insufficient input verification, successful exploit may cause out-of-bounds read of the memory and the system abnormal.
osvdb_titleHuawei smartphones denial of serviceHuawei smartphones denial of service
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
0day_days104104
cvss3_nvd_basescore3.93.9
confirm_urlhttps://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-phone-en

Do you know our Splunk app?

Download it now for free!