CVE-2019-5226

P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:hisuite_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:hisuite:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:44

Type Values Removed Values Added
References () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en - Vendor Advisory () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en - Vendor Advisory

Information

Published : 2019-11-29 19:15

Updated : 2024-11-21 04:44


NVD link : CVE-2019-5226

Mitre link : CVE-2019-5226

CVE.ORG link : CVE-2019-5226


JSON object : View

Products Affected

huawei

  • hisuite_firmware
  • hisuite
  • p30_pro
  • mate_20
  • p30
  • mate_20_firmware
  • p30_firmware
  • p30_pro_firmware
CWE
CWE-346

Origin Validation Error