PT-2019-17517 · Huawei · Huawei P30+3
Publicado
2019-11-29
·
Atualizado
2021-07-21
·
CVE-2019-5227
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Huawei P30 versions prior to ELLE-AL00B 9.1.0.193(C00E190R2P1)
Huawei P30 Pro versions prior to VOGUE-AL00A 9.1.0.193(C00E190R2P1)
Huawei Mate 20 versions prior to Hima-AL00B 9.1.0.135(C00E133R2P1)
Huawei HiSuite versions prior to 9.1.0.305
Description
The issue is related to a version downgrade vulnerability. It occurs because the device and HiSuite software do not validate the upgrade package sufficiently, allowing the system of the smartphone to be downgraded to an older version.
Recommendations
For Huawei P30 versions prior to ELLE-AL00B 9.1.0.193(C00E190R2P1), update to version ELLE-AL00B 9.1.0.193(C00E190R2P1) or later.
For Huawei P30 Pro versions prior to VOGUE-AL00A 9.1.0.193(C00E190R2P1), update to version VOGUE-AL00A 9.1.0.193(C00E190R2P1) or later.
For Huawei Mate 20 versions prior to Hima-AL00B 9.1.0.135(C00E133R2P1), update to version Hima-AL00B 9.1.0.135(C00E133R2P1) or later.
For Huawei HiSuite versions prior to 9.1.0.305, update to version 9.1.0.305 or later.
Correção
Origin Validation Error
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Huawei Hisuite
Huawei Mate 20
Huawei P30
Huawei P30 Pro