Vulnerability Details CVE-2019-5213
Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a serious of uncommon operations without unlock the screen lock.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.7%
CVSS Severity
CVSS v3 Score 2.4
CVSS v2 Score 1.9
References
Products affected by CVE-2019-5213
-
cpe:2.3:h:huawei:honor_play:-
-
cpe:2.3:o:huawei:honor_play_firmware:-
-
cpe:2.3:o:huawei:honor_play_firmware:9.1.0.333(c00e333r1p1t8)
-
cpe:2.3:o:huawei:honor_play_firmware:cornell-al00a_9.0.0.156(c00e156r1p13t8)