CVE-2019-5229
MEDIUMP30 <ELLE-AL00B 9.1.0.193(C00E190R2P1 - Code Injection
Title source: llmDescription
P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack, successful exploit could cause malicious code execution.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-02-smartphone-en
Scores
CVSS v3
6.2
EPSS
0.0002
EPSS Percentile
7.2%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-345
Status
published
Products (1)
huawei/p30_firmware
< elle-al00b_9.1.0.193\(c00e190r2p1\)
Published
Nov 12, 2019
Tracked Since
Feb 18, 2026