First published: Thu Aug 08 2019(Updated: )
Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user to click a URL to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Emily-l29c Firmware | =8.1.0.132a\(c432\) | |
Huawei Emily-l29c Firmware | =8.1.0.135\(c782\) | |
Huawei Emily-l29c Firmware | =8.1.0.154\(c10\) | |
Huawei Emily-l29c Firmware | =8.1.0.154\(c461\) | |
Huawei Emily-l29c Firmware | =8.1.0.154\(c635\) | |
Huawei Emily-l29c Firmware | =8.1.0.156\(c185\) | |
Huawei Emily-l29c Firmware | =8.1.0.156\(c605\) | |
Huawei Emily-l29c Firmware | =8.1.0.159\(c636\) | |
Huawei Emily-l29c |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-5236 is a vulnerability affecting Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636).
The severity of CVE-2019-5236 is medium, with a CVSS score of 6.3.
CVE-2019-5236 is a double free vulnerability that can be exploited when a user clicks on a malicious URL.
Huawei smart phones Emily-L29C with the affected versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) are vulnerable to CVE-2019-5236.
To fix CVE-2019-5236, make sure to keep your Huawei smart phone's firmware up to date and avoid clicking on suspicious URLs.