Vulnerabilities > CVE-2019-5309 - Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Honor Play Firmware

047910
CVSS 4.6 - MEDIUM
Attack vector
PHYSICAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
low complexity
huawei
CWE-307
NVD
Published: 2019-11-29
Updated: 2020-08-24

Summary

Honor play smartphones with versions earlier than 9.1.0.333(C00E333R1P1T8) have an information disclosure vulnerability in certain Huawei . An attacker could view certain information after a series of operation without unlock the screen lock. Successful exploit could cause an information disclosure condition.

Vulnerable Configurations

Part Description Count
OS
Huawei
1
Hardware
Huawei
1

Common Weakness Enumeration (CWE)

References