Main Vulnerability Database Vulnerabilities #VU23085

Information disclosure in Huawei Honor play - CVE-2019-5309

Published: November 29, 2019

Vulnerability identifier: #VU23085

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-5309

CWE-ID: CWE-200

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Huawei

Affected software:
Huawei Honor play

Detailed vulnerability description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists due to improper access restrictions. An attacker with physical access to the device can view certain information after a series of operation without unlock the screen lock.

How to mitigate CVE-2019-5309

Install updates from vendor's website.

Sources

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191127-02-smartphone-en

Information disclosure in Huawei Honor play - CVE-2019-5309

Detailed vulnerability description

How to mitigate CVE-2019-5309

Sources

Please verify you're human