PT-2019-17506 · Huawei · Honor Play

Ding Yicong

Publicado

2019-11-12

Atualizado

2019-11-15

CVE-2019-5213

CVSS v3.1

2.4

Baixa

Vetor

AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Honor Play smartphones versions earlier than 9.1.0.321(C00E320R1P1T8)

Description The issue is related to insufficient authentication, which is caused by a logic judge error under certain scenarios. This could allow an attacker to modify alarm clock settings without unlocking the screen lock after performing a series of uncommon operations.

Recommendations For versions earlier than 9.1.0.321(C00E320R1P1T8), update to version 9.1.0.321(C00E320R1P1T8) or later to resolve the issue.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2019-5213

Produtos afetados

Honor Play

PT-2019-17506 · Huawei · Honor Play

CVE-2019-5213

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3