CVE-2019-5279
Description
Huawei smart phones Emily-L29C with Versions earlier than 9.1.0.311(C10E2R1P13T8), Versions earlier than 9.1.0.311(C461E2R1P11T8), Versions earlier than 9.1.0.316(C635E2R1P11T8), Versions earlier than 9.1.0.311(C185E2R1P12T8), Versions earlier than 9.1.0.311(C605E2R1P12T8), Versions earlier than 9.1.0.311(C636E7R1P13T8) have an information leakage vulnerability. An attacker tricks the user into installing a malicious application, which can copy specific files to the sdcard, resulting in information leakage.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A malicious app can copy specific files to the sdcard on Huawei Emily-L29C phones, leading to information leakage.
Vulnerability
An information leakage vulnerability exists in Huawei smart phones Emily-L29C with software versions earlier than 9.1.0.311(C10E2R1P13T8), 9.1.0.311(C461E2R1P11T8), 9.1.0.316(C635E2R1P11T8), 9.1.0.311(C185E2R1P12T8), and 9.1.0.311(C636E7R1P13T8). The bug allows a malicious application to copy specific files to the sdcard, bypassing normal access controls [1].
Exploitation
An attacker must trick the user into installing a malicious application on the device. Once installed, the application can copy specific files from internal storage to the sdcard without requiring additional permissions beyond those granted at installation [1].
Impact
Successful exploitation results in information leakage, as the copied files become accessible to the malicious application on the sdcard. The attacker gains access to potentially sensitive data stored in those specific files, compromising confidentiality [1].
Mitigation
Huawei has released software updates to fix this vulnerability. The resolved versions are 9.1.0.311(C10E2R1P13T8), 9.1.0.311(C461E2R1P11T8), 9.1.0.316(C635E2R1P11T8), 9.1.0.311(C185E2R1P12T8), and 9.1.0.311(C636E7R1P13T8). Users should update their devices to the latest available firmware [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Huawei/smart phonesdescription
- Range: <9.1.0.311(C10E2R1P13T8) for C10, <9.1.0.311(C461E2R1P11T8) for C461, <9.1.0.316(C635E2R1P11T8) for C635, <9.1.0.311(C185E2R1P12T8) for C185, <9.1.0.311(C605E2R1P12T8) for C605, <9.1.0.311(C636E7R1P13T8) for C636
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-02-smartphone-enmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.