CVE-2019-5265
First published: Mon Dec 23 2019(Updated: )
Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei P30 Firmware | =9.1.0.193\(c00e190r2p1\) | |
| HUAWEI P30 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-5265?
CVE-2019-5265 is an improper access control vulnerability in the Huawei Share function of the P30 smartphone.
How does the improper access control vulnerability in Huawei Share function of P30 smartphone occur?
The vulnerability occurs when the function incorrectly controls certain access messages, allowing attackers to simulate a sender and steal P2P network information.
What is the impact of CVE-2019-5265?
Successful exploitation of CVE-2019-5265 may cause information leakage.
How severe is CVE-2019-5265?
CVE-2019-5265 has a severity score of 7.5 (high).
How can I fix the improper access control vulnerability in Huawei Share function of P30 smartphone?
To fix the vulnerability, it is recommended to update your P30 smartphone firmware to version 9.1.0.193(c00e190r2p1) or later.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei p30 firmware
- version/huawei p30 firmware/9.1.0.193\(c00e190r2p1\)
- canonical/huawei p30