CVE-2019-5246
First published: Tue Nov 12 2019(Updated: )
Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei elle-al00b | =9.1.0.109\(c00e106r1p21\) | |
| Huawei elle-al00b | =9.1.0.113\(c00e110r1p21\) | |
| Huawei elle-al00b | =9.1.0.125\(c00e120r1p21\) | |
| Huawei elle-al00b | =9.1.0.135\(c00e130r1p21\) | |
| Huawei elle-al00b | =9.1.0.153\(c00e150r1p21\) | |
| Huawei elle-al00b | =9.1.0.155\(c00e150r1p21\) | |
| Huawei elle-al00b | =9.1.0.162\(c00e160r2p1\) | |
| Huawei elle-al00b firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability CVE-2019-5246?
CVE-2019-5246 is an insufficient verification vulnerability found in smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1).
How severe is the vulnerability CVE-2019-5246?
The severity of CVE-2019-5246 is rated as medium with a CVSS score of 6.2.
What is the affected software version of CVE-2019-5246?
The affected software versions of CVE-2019-5246 are ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1).
How can I fix the vulnerability CVE-2019-5246?
To fix the vulnerability CVE-2019-5246, it is recommended to update the software of ELLE-AL00B to a non-vulnerable version provided by Huawei.
Where can I find more information about the vulnerability CVE-2019-5246?
More information about the vulnerability CVE-2019-5246 can be found on the Huawei security advisory website at http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-codeexecution-en.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei elle-al00b
- version/huawei elle-al00b/9.1.0.109\(c00e106r1p21\)
- version/huawei elle-al00b/9.1.0.113\(c00e110r1p21\)
- version/huawei elle-al00b/9.1.0.125\(c00e120r1p21\)
- version/huawei elle-al00b/9.1.0.135\(c00e130r1p21\)
- version/huawei elle-al00b/9.1.0.153\(c00e150r1p21\)
- version/huawei elle-al00b/9.1.0.155\(c00e150r1p21\)
- version/huawei elle-al00b/9.1.0.162\(c00e160r2p1\)
- canonical/huawei elle-al00b firmware