VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 4, 2019· Updated Aug 4, 2024

CVE-2019-5215

CVE-2019-5215

Description

There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A man-in-the-middle vulnerability in Huawei Share on P30 and P30 Pro devices allows attackers to sniff and tamper data during file transfers.

Vulnerability

A man-in-the-middle (MITM) vulnerability exists in the Huawei Share feature on Huawei P30 smartphones (models ELE-AL00) and P30 Pro smartphones (models VOG-AL00). It affects versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) [1]. The flaw occurs when users establish a connection and transfer data through Huawei Share, as the communication channel is not sufficiently protected against interception.

Exploitation

An attacker in a position to perform network sniffing and spoofing can intrude upon the Huawei Share connection while users are transferring data. This requires the attacker to be within wireless range of the target device's Huawei Share session [1]. No user interaction beyond normal data transfer is needed for the attack to take place.

Impact

Successful exploitation allows the attacker to perform a man-in-the-middle attack, obtaining and tampering with the data being transferred between the devices [1]. This compromises confidentiality and integrity of the exchanged information; the attacker may read, modify, or inject data without the users' knowledge.

Mitigation

Huawei has released software updates to fix this vulnerability. The resolved versions are ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) [1]. Users should update their devices to these or later versions.

References
  1. Security Advisory - MITM Vulnerability on Huawei Share

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3
  • Huawei/P30llm-fuzzy
    Range: < 9.1.0.162 (ELE-AL00)
  • Huawei/P30 Prollm-fuzzy
    Range: < 9.1.0.162 (VOG-AL00)
  • Huawei/P30,P30 Prov5
    Range: The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.