Privilege escalation in Huawei Mate_20_pro

CVE-2019-5250

Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation of certain privilege, the attacker could trick the user into…

Vulnerability class: Privilege Escalation

EPSS: 0.006 (44.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2019-5250?
CVE-2019-5250 is a high-severity vulnerability in Huawei Mate_20_pro, classified under Improper Privilege Management. CVSS score: 7.8/10. Published 2019-12-13.
How severe is CVE-2019-5250?
High severity. CVSS v3 base score is 7.8 out of 10.