CVE-2019-5229

MEDIUM Year: 2019
CVSS v3 Score
6.2
Medium
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-345
View all →

Vulnerability Description

P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack, successful exploit could cause malicious code execution.

Related Vulnerabilities

CVE-2019-5246

MEDIUM
CVSS:6.2(Medium)

Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(...

CWE-3452019

CVE-2019-10181

MEDIUM
CVSS:6.3(Medium)

It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to...

CWE-3452019

CVE-2025-27257

MEDIUM
CVSS:6.1(Medium)

Insufficient Verification of Data Authenticity vulnerability in GE Vernova UR IED family devices allows an authenticated user to install a modified firmware. The firmware signature verification is enf...

CWE-3452025

CVE-2022-26579

MEDIUM
CVSS:6.0(Medium)

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privile...

CWE-3452022

CVE-2024-47079

MEDIUM
CVSS:6.4(Medium)

Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader project...

CWE-3452024

CVE-2025-27735

MEDIUM
CVSS:6.0(Medium)

Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

CWE-3452025