CVE-2019-5216

Name: CVE-2019-5216
Creator: NVD / NIST
Published: 2019-06-06T15:29:01.157+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.68%

Last modified Jun 17, 2026

CVE-2019-5216 is a vulnerability of currently unknown severity. There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A 9.0.0.156(C00E156R1P13T8). An attacker tricks the user into installing a malicious application, which makes multiple processes to operate the same variate at the same time. EPSS estimates a 0.68% chance of exploitation in the next 30 days.

Description

There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A 9.0.0.156(C00E156R1P13T8). An attacker tricks the user into installing a malicious application, which makes multiple processes to operate the same variate at the same time. Successful exploit could cause execution of malicious code.

Metrics

EPSS Probability

0.68%

47.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-362

Affected Software

Vendor	Product	Versions
Huawei	Honor View 10 Firmware	< berkeley-al20_9.0.0.156\(c00e156r2p14t8\)
Huawei	Honor 10 Firmware	< columbia-al10b_9.0.0.156\(c00e156r1p20t8\)
Huawei	Honor Play Firmware	< cornell-al00a_9.0.0.156\(c00e156r1p13t8\)

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190116-01-smartphone-enVendor Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190116-01-smartphone-enVendor Advisory

Timeline

Published: Jun 6, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-5216?

How severe is CVE-2019-5216?

Severity scoring for CVE-2019-5216 is pending analysis. The EPSS model estimates a 0.68% probability of exploitation in the next 30 days.

How do I fix CVE-2019-5216?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-5216?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST