CVE-2019-5236

Published Aug 8, 2019

Last updated 5 years ago

CVSS medium 6.3

Overview

Description: Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user to click a URL to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.3
Impact score: 3.4
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-415

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.132a\\(c432\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E140068C-E5BD-4D32-B4D7-ECD89C934F02"
          },
          {
            "criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.135\\(c782\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5381178B-59D7-4008-A6B2-46C559123EAA"
          },
          {
            "criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.154\\(c10\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8CB47C7-08CA-4EA3-9F4A-1C41A69696D1"
          },
          {
            "criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.154\\(c461\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B106328-9FE3-47BF-B82F-F5694482A930"
          },
          {
            "criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.154\\(c635\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B68E41F-C8A1-459A-9A58-A77FAB452AA3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.156\\(c185\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85B2B2B1-D250-4ED3-8724-4FB208514DA1"
          },
          {
            "criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.156\\(c605\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF895541-98C9-4520-9CAF-36CA963F9BA0"
          },
          {
            "criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.159\\(c636\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0D744CB-FF68-471D-AD33-5074275D181B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References