CVE-2019-5222
Description
There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user to install a malicious application and successful exploit could result in information disclosure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Huawei Honor Magic 2 Secure Input vulnerability allows information disclosure via a malicious app installed by user on devices before Tony-AL00B 9.1.0.216.
Vulnerability
The Secure Input component on Huawei Honor Magic 2 smartphones (models Tony-AL00B) with versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1) does not properly limit certain system privileges. This flaw (HWPSIRT-2019-04106) allows a malicious application to access sensitive input data. [1]
Exploitation
An attacker must trick the user into installing a malicious application. No other prerequisites such as network access or elevated privileges are required. The malicious app can then leverage the insufficient privilege limitation in Secure Input to disclose information. [1]
Impact
Successful exploitation leads to information disclosure. The type of information is not specified, but it could include keystrokes or other input data handled by Secure Input. [1]
Mitigation
Huawei has released software update Tony-AL00B 9.1.0.216(C00E214R2P1) for the Honor Magic 2 to fix the vulnerability. Users should update to this version or later. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Huawei/smartphonesdescription
- Range: <9.1.0.216(C00E214R2P1)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20190717-01-input-enmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.