5.4
CVE-2019-5271
- EPSS 0.08%
- Veröffentlicht 29.11.2019 21:15:11
- Zuletzt bearbeitet 21.11.2024 04:44:38
- Quelle psirt@huawei.com
- Teams Watchlist Login
- Unerledigt Login
There is an information leak vulnerability in Huawei smart speaker Myna. When the smart speaker is paired with the cloud through Wi-Fi, the speaker incorrectly processes some data. Attackers can exploit this vulnerability to read and modify specific configurations of speakers through a series of operations.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Huawei ≫ Myna Firmware Version9.0.1.9(h100sp6c00)
Huawei ≫ Myna Firmware Version9.0.1.10(h100sp5c00)
Huawei ≫ Myna Firmware Version9.0.1.10(h100sp8c00)
Huawei ≫ Myna Firmware Version9.0.1.10(h100sp10c00)
Huawei ≫ Myna Firmware Version9.0.1.10(h100sp11c00)
Huawei ≫ Myna Firmware Version9.0.1.10(h100sp12c00)
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.203 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.4 | 2.8 | 2.5 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
| nvd@nist.gov | 4.8 | 6.5 | 4.9 |
AV:A/AC:L/Au:N/C:P/I:P/A:N
|