There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user to install a malicious application and successful exploit could result in information disclosure.
References
Link | Resource |
---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190717-01-input-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2019-07-17 15:15
Updated : 2020-08-24 10:37
NVD link : CVE-2019-5222
Mitre link : CVE-2019-5222
JSON object : View
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource
Products Affected
huawei
- honor_magic_2_firmware
- honor_magic_2