CVE-2019-5244: Input Validation
First published: Tue Jun 04 2019(Updated: )
Mate 9 Pro Huawei smartphones earlier than LON-L29C 8.0.0.361(C636) versions have an information leak vulnerability due to the lack of input validation. An attacker tricks the user who has root privilege to install an application on the smart phone, and the application can read some process information, which may cause sensitive information leak.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Mate 9 Pro Fimware | <lon-l29c_8.0.0.361\(c636\) | |
| Huawei Mate 9 Pro |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-5244?
CVE-2019-5244 is an information leak vulnerability found in Mate 9 Pro Huawei smartphones earlier than LON-L29C 8.0.0.361(C636) versions.
How does CVE-2019-5244 work?
An attacker tricks a user with root privilege to install an application on the smartphone, which can then read some process information.
What is the severity level of CVE-2019-5244?
CVE-2019-5244 has a severity level of medium.
Which software versions are affected by CVE-2019-5244?
Mate 9 Pro Huawei smartphones earlier than LON-L29C 8.0.0.361(C636) versions are affected by CVE-2019-5244.
How can I fix CVE-2019-5244?
To fix CVE-2019-5244, update your Mate 9 Pro Huawei smartphone to version LON-L29C 8.0.0.361(C636) or later.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/severity
- agent/references
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei mate 9 pro fimware
- canonical/huawei mate 9 pro