PT-2019-17509 · Huawei · Honor Play+1
Peter Pi
·
Published
2019-06-06
·
Updated
2019-06-10
·
CVE-2019-5216
CVSS v2.0
7.6
High
| Vector | AV:N/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Huawei Honor V10 smartphones versions earlier than 9.0.0.156(C00E156R2P14T8)
Huawei Honor 10 smartphones versions earlier than 9.0.0.156(C00E156R1P20T8)
Huawei Honor Play smartphones versions earlier than 9.0.0.156(C00E156R1P13T8)
Description
The issue is related to a race condition that can be exploited by an attacker who tricks the user into installing a malicious application. This application can cause multiple processes to operate on the same variable at the same time, potentially leading to the execution of malicious code.
Recommendations
For Huawei Honor V10 smartphones versions earlier than 9.0.0.156(C00E156R2P14T8), update to version 9.0.0.156(C00E156R2P14T8) or later.
For Huawei Honor 10 smartphones versions earlier than 9.0.0.156(C00E156R1P20T8), update to version 9.0.0.156(C00E156R1P20T8) or later.
For Huawei Honor Play smartphones versions earlier than 9.0.0.156(C00E156R1P13T8), update to version 9.0.0.156(C00E156R1P13T8) or later.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Honor V10
Honor Play