CVE-2019-5245

MEDIUM

HiSuite <9.1.0.300 - Code Injection

Title source: llm

Description

HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing that could execute arbitrary code.

References (1)

[Vendor Advisory] https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190612-01-dllhijacking-en

Scores

CVSS v3 5.3

EPSS 0.0006

EPSS Percentile 18.0%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-427

Status published

Affected Products (1)

huawei/hisuite < 9.1.0.300

Timeline

Published Jun 13, 2019

Tracked Since Feb 18, 2026