CVE-2019-5227
First published: Fri Nov 29 2019(Updated: )
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei P30 Firmware | <elle-al00b_9.1.0.193\(c00e190r2p1\) | |
| HUAWEI P30 | ||
| Huawei P30 Pro Firmware | <vogue-al00a_9.1.0.193\(c00e190r2p1\) | |
| HUAWEI P30 Pro | ||
| Huawei Mate 20 Firmware | <hima-al00b_9.1.0.135\(c00e133r2p1\) | |
| HUAWEI Mate 20 | ||
| Huawei Hisuite Firmware | <9.1.0.305 | |
| Huawei Hisuite |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-5227?
The severity of CVE-2019-5227 is medium, with a severity value of 5.5.
Which Huawei devices are affected by CVE-2019-5227?
P30, P30 Pro, and Mate 20 smartphones with software versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), VOGUE-AL00A 9.1.0.193(C00E190R2P1), and Hima-AL00B 9.1.0.135(C00E133R2P1) are affected.
Is the HUAWEI P30 device vulnerable to CVE-2019-5227?
No, the HUAWEI P30 device is not vulnerable to CVE-2019-5227.
Is the HUAWEI P30 Pro device vulnerable to CVE-2019-5227?
No, the HUAWEI P30 Pro device is not vulnerable to CVE-2019-5227.
Is the Huawei Hisuite software vulnerable to CVE-2019-5227?
No, the Huawei Hisuite software is not vulnerable to CVE-2019-5227 with versions earlier than HiSuite 9.1.0.305.
How do I fix CVE-2019-5227?
To fix CVE-2019-5227, update the software of your P30, P30 Pro, or Mate 20 smartphone to versions ELLE-AL00B 9.1.0.193(C00E190R2P1), VOGUE-AL00A 9.1.0.193(C00E190R2P1), or Hima-AL00B 9.1.0.135(C00E133R2P1) respectively.
Where can I find more information about CVE-2019-5227?
You can find more information about CVE-2019-5227 at the following link: [Huawei Security Advisory](https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en).
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/author
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/huawei
- canonical/huawei p30 firmware
- canonical/huawei p30
- canonical/huawei p30 pro firmware
- canonical/huawei p30 pro
- canonical/huawei mate 20 firmware
- canonical/huawei mate 20
- canonical/huawei hisuite firmware
- canonical/huawei hisuite