CVE-2019-5252

There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:enjoy_8_plus_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:enjoy_8_plus:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:y9_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:y9:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:huawei:honor_9i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_9i:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:huawei:honor_9i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_9i:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:huawei:y6_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:y6_pro:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:44

Type Values Removed Values Added
References () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en - Vendor Advisory () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-smartphone-en - Vendor Advisory

Information

Published : 2019-12-14 00:15

Updated : 2024-11-21 04:44


NVD link : CVE-2019-5252

Mitre link : CVE-2019-5252

CVE.ORG link : CVE-2019-5252


JSON object : View

Products Affected

huawei

  • enjoy_8_plus
  • honor_9i_firmware
  • y9
  • y6_pro
  • honor_8x
  • y9_firmware
  • honor_9_lite
  • y6_pro_firmware
  • enjoy_8_plus_firmware
  • honor_8x_firmware
  • honor_9_lite_firmware
  • honor_9i
CWE
CWE-287

Improper Authentication