First published: Tue Nov 12 2019(Updated: )
P20 Pro, P20, Mate RS smartphones with versions earlier than Charlotte-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than Emily-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than NEO-AL00D NEO-AL00 9.1.0.321(C786E320R1P1T8) have an improper validation vulnerability. The system does not perform a properly validation of certain input models, an attacker could trick the user to install a malicious application then craft a malformed model, successful exploit could allow the attacker to get and tamper certain output data information.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei P20 Pro Firmware | <charlotte-al00a_9.1.0.321\(c00e320r1p1t8\) | |
HUAWEI P20 Pro | ||
Huawei P20 Firmware | <emily-al00a_9.1.0.321\(c00e320r1p1t8\) | |
HUAWEI P20 | ||
Huawei Mate Rs Firmware | <neo-al00d_neo-al00_9.1.0.321\(c786e320r1p1t8\) | |
Huawei Mate RS |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-5230 is an improper validation vulnerability found in Huawei P20 Pro, P20, and Mate RS smartphones with versions earlier than Charlotte-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than Emily-AL00A 9.1.0.321(C00E320R1P1T8), and versions earlier than NEO-AL00D NEO-AL00 9.1.0.321(C786E320R1P1T8).
CVE-2019-5230 has a severity level of 5.5 (medium).
Huawei P20 Pro, P20, and Mate RS smartphones with specific firmware versions mentioned earlier are affected by CVE-2019-5230.
To fix CVE-2019-5230 vulnerability, update your Huawei P20 Pro, P20, or Mate RS smartphone to Charlotte-AL00A 9.1.0.321(C00E320R1P1T8), Emily-AL00A 9.1.0.321(C00E320R1P1T8), or NEO-AL00D NEO-AL00 9.1.0.321(C786E320R1P1T8) or later versions.
You can find more information about CVE-2019-5230 vulnerability on the official Huawei security advisories page at http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-03-smartphone-en.