{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T15:13:16.480","vulnerabilities":[{"cve":{"id":"CVE-2019-5299","sourceIdentifier":"psirt@huawei.com","published":"2019-08-13T21:15:12.130","lastModified":"2024-11-21T04:44:41.963","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code."},{"lang":"es","value":"Los teléfonos móviles Huawei Hima-AL00 en versiones anteriores a HMA-AL00C00B175 tienen una vulnerabilidad de omisión de verificación de firma. Los atacantes pueden inducir a los usuarios a instalar aplicaciones maliciosas. Debido a un defecto en la lógica de verificación de firma, las aplicaciones maliciosas pueden invocar una interfaz específica para ejecutar código malicioso. Una explotación exitosa puede resultar en la ejecución de código arbitrario."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-347"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:huawei:hima-al00b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"hma-al00c00b175","matchCriteriaId":"8FA8D7C7-DD2F-4244-8E83-F9A52C06E6F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:huawei:hima-al00b:-:*:*:*:*:*:*:*","matchCriteriaId":"8C0592A2-8087-4847-8586-04ED842960D4"}]}]}],"references":[{"url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-phone-en","source":"psirt@huawei.com","tags":["Vendor Advisory"]},{"url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-phone-en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}