CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-5222

There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user to install a malicious application and successful exploit could result in information disclosure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.1%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190717-01-input-en
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190717-01-input-en

Products affected by CVE-2019-5222

Huawei » Honor Magic 2 » Version: N/A

cpe:2.3:h:huawei:honor_magic_2:-
Huawei » Honor Magic 2 Firmware » Version: 10.0.0.187(c00e61r2p11)

cpe:2.3:o:huawei:honor_magic_2_firmware:10.0.0.187(c00e61r2p11)
Huawei » Honor Magic 2 Firmware » Version: tony-al00b/tony-tl00b_9.0.0.182(c00e180r2p2)

cpe:2.3:o:huawei:honor_magic_2_firmware:tony-al00b/tony-tl00b_9.0.0.182(c00e180r2p2)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-5222

Products

Pricing

Contact Us