CVE-2019-5213
Description
Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a serious of uncommon operations without unlock the screen lock.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Insufficient authentication in Honor Play smartphones allows an attacker to modify alarm clock settings without unlocking the screen lock.
Vulnerability
CVE-2019-5213 is an insufficient authentication vulnerability in the Honor Play smartphone running versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8). The system contains a logic judgment error under certain scenarios, enabling an attacker to bypass the screen lock and modify alarm clock settings [1].
Exploitation
An attacker must have physical access to the locked device and perform a series of uncommon operations to trigger the logic error. No authentication or prior knowledge of the device PIN is required; the vulnerability is exploitable directly from the lock screen [1].
Impact
Successful exploitation allows the attacker to modify the alarm clock settings without unlocking the screen lock. The impact is limited to alarm clock configuration changes and does not extend to full device compromise or data access [1].
Mitigation
Huawei has released software update Cornell-AL00A 9.1.0.321(C00E320R1P1T8) to fix the vulnerability. Users are advised to update their devices to this version or later. No workarounds have been provided [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Honor/smartphonesdescription
- Range: <9.1.0.321(C00E320R1P1T8)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-smartphone-enmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.