CVE-2019-5225: Buffer Overflow
First published: Fri Nov 29 2019(Updated: )
P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei P30 Firmware | <elle-al00b_9.1.0.193\(c00e190r1p21\) | |
| HUAWEI P30 | ||
| Huawei Mate 20 Firmware | <hima-al00b_9.1.0.135\(c00e200r2p1\) | |
| HUAWEI Mate 20 | ||
| Huawei P30 Pro Firmware | <vogue-al00a_9.1.0.193\(c00e190r1p12\) | |
| HUAWEI P30 Pro |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-5225?
CVE-2019-5225 is a buffer overflow vulnerability in Huawei P30, Mate 20, and P30 Pro smartphones with software versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Hima-AL00B 9.1.0.135(C00E200R2P1), and VOGUE-AL00A 9.1.0.193(C00E190R1P12).
How severe is CVE-2019-5225?
CVE-2019-5225 has a severity value of 7.8, which is considered high.
Which smartphones are affected by CVE-2019-5225?
Huawei P30, Mate 20, and P30 Pro smartphones with specific software versions are affected by CVE-2019-5225.
What is the fix for CVE-2019-5225?
To fix CVE-2019-5225, users should update their Huawei P30, Mate 20, and P30 Pro smartphones to the specified software versions or newer.
Where can I find more information about CVE-2019-5225?
More information about CVE-2019-5225 can be found on the official Huawei Security Advisories website.