PT-2019-17506 · Huawei · Honor Play
Ding Yicong
·
Published
2019-11-12
·
Updated
2019-11-15
·
CVE-2019-5213
CVSS v3.1
2.4
Low
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Honor Play smartphones versions earlier than 9.1.0.321(C00E320R1P1T8)
Description
The issue is related to insufficient authentication, which is caused by a logic judge error under certain scenarios. This could allow an attacker to modify alarm clock settings without unlocking the screen lock after performing a series of uncommon operations.
Recommendations
For versions earlier than 9.1.0.321(C00E320R1P1T8), update to version 9.1.0.321(C00E320R1P1T8) or later to resolve the issue.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Honor Play