#VU22879 Input validation error in Huawei Nova 5i pro and Huawei Nova 5 - CVE-2019-5210

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Vulnerabilities #VU22879

#VU22879 Input validation error in Huawei Nova 5i pro and Huawei Nova 5 - CVE-2019-5210

Published: November 21, 2019


Vulnerability identifier: #VU22879
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-5210
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software:
Huawei Nova 5i pro
Huawei Nova 5
Software vendor:
Huawei

Description

The vulnerability allows a local attacker to execute arbitrary code on the target system.

The vulnerability exists due to the system does not properly validate the input value before use it as an array index when processing certain image information. A local attacker can trick a victim to install a malicious application and execute arbitrary code.


Remediation

Install updates from vendor's website.

External links