Huawei · Honor Band 3 · CVE-2019-5218
**Name of the Vulnerable Software and Affected Versions**
Huawei Band 2 (affected versions not specified)
Honor Band 3 (affected versions not specified)
**Description**
The issue is related to insufficient authentication in certain scenarios, allowing a remote attacker to potentially elevate their privileges. The band does not properly authenticate devices attempting to connect to it, which could enable an attacker to spoof and then connect to the band.
**Recommendations**
For Huawei Band 2, update the firmware to a version that addresses the authentication issue.
For Honor Band 3, update the firmware to a version that addresses the authentication issue.
As a temporary workaround, consider restricting device connections to the band until a patch is available.