Published: 12/11/2019 Updated: 21/07/2021

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
huawei p30_firmware
huawei p30_pro_firmware
huawei honor_v20_firmware

There is a race condition vulnerability on certain detection module of smartphone The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution (Vulner ...

CWE-362 CWE-787 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en https://nvd.nist.gov https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-5228

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect