Vulnerabilities > CVE-2019-5263 - Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Hisuite and Hwbackup

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
huawei
CWE-307

Summary

HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting the backup.

Vulnerable Configurations

Part Description Count
Application
Huawei
6