Mate 10 Firmware
CVE-2019-5264
MEDIUM
Severity by source
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure.
AnalysisAI
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure. Affected products include: Huawei Mate 10 Firmware, Huawei Mate 10 Pro Firmware, Huawei Honor V10 Firmware, Huawei Changxiang 7S Firmware, Huawei P-Smart Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Mate 10 Firmware
View allThe baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0
HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaser
There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. Rated medium severity (
The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory doub
There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0
There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than A
HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerabili
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today