CVE-2019-5231
First published: Wed Nov 13 2019(Updated: )
P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1) have an improper authorization vulnerability. The software incorrectly performs an authorization check when a user attempts to perform certain action. Successful exploit could allow the attacker to update a crafted package.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei P30 Firmware | <elle-al00b_9.1.0.186\(c00e180r2p1\) | |
| HUAWEI P30 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID is CVE-2019-5231.
What is the severity level of CVE-2019-5231?
The severity level of CVE-2019-5231 is medium with a score of 4.6.
How does CVE-2019-5231 impact P30 smartphones?
CVE-2019-5231 could allow an attacker to update a crafted package on P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1).
How can I fix CVE-2019-5231?
To fix CVE-2019-5231, update your P30 smartphone to version ELLE-AL00B 9.1.0.186(C00E180R2P1) or later.
Where can I find more information about CVE-2019-5231?
You can find more information about CVE-2019-5231 in the security advisory published by Huawei: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190930-01-smartphone-en.
- collector/nvd-index
- vendor/huawei
- canonical/huawei p30 firmware
- canonical/huawei p30