CVE-2019-5302

EPSS 0.06%
Veröffentlicht 27.04.2020 20:15:12
Zuletzt bearbeitet 21.11.2024 04:44:42
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Alp-al00b Firmware Version < 9.1.0.333\(c00e333r2p1t8\)

Huawei ≫ Alp-al00b Version-

Huawei ≫ Alp-l09 Firmware Version < 9.1.0.300\(c432e4r1p9t8\)

Huawei ≫ Alp-l09 Version-

Huawei ≫ Alp-l29 Firmware Version < 9.1.0.315\(c636e5r1p13t8\)

Huawei ≫ Alp-l29 Version-

Huawei ≫ Bla-l29c Firmware Version < 9.1.0.321\(c636e4r1p14t8\)

Huawei ≫ Bla-l29c Version-

Huawei ≫ Bla-l29c Firmware Version < 9.1.0.330\(c432e6r1p12t8\)

Huawei ≫ Bla-l29c Version-

Huawei ≫ Bla-l29c Firmware Version < 9.1.0.302\(c635e4r1p13t8\)

Huawei ≫ Bla-l29c Version-

Huawei ≫ Berkeley-al20 Firmware Version < 9.1.0.333\(c00e333r2p1t8\)

Huawei ≫ Berkeley-al20 Version-

Huawei ≫ Berkeley-l09 Firmware Version < 9.1.0.350\(c10e3r1p14t8\)

Huawei ≫ Berkeley-l09 Version-

Huawei ≫ Berkeley-l09 Firmware Version < 9.1.0.351\(c432e5r1p13t8\)

Huawei ≫ Berkeley-l09 Version-

Huawei ≫ Berkeley-l09 Firmware Version < 9.1.0.350\(c636e4r1p13t8\)

Huawei ≫ Berkeley-l09 Version-

Huawei ≫ Charlotte-l09c Firmware Version < 9.1.0.311\(c185e4r1p11t8\)

Huawei ≫ Charlotte-l09c Version-

Huawei ≫ Charlotte-l09c Firmware Version < 9.1.0.345\(c432e8r1p11t8\)

Huawei ≫ Charlotte-l09c Version-

Huawei ≫ Charlotte-l29c Firmware Version < 9.1.0.325\(c185e4r1p11t8\)

Huawei ≫ Charlotte-l29c Version-

Huawei ≫ Charlotte-l29c Firmware Version < 9.1.0.335\(c636e3r1p13t8\)

Huawei ≫ Charlotte-l29c Version-

Huawei ≫ Charlotte-l29c Firmware Version < 9.1.0.345\(c432e8r1p11t8\)

Huawei ≫ Charlotte-l29c Version-

Huawei ≫ Charlotte-l29c Firmware Version < 9.1.0.336\(c605e3r1p12t8\)

Huawei ≫ Charlotte-l29c Version-

Huawei ≫ Columbia-al10b Firmware Version < 9.1.0.333\(c00e333r1p1t8\)

Huawei ≫ Columbia-al10b Version-

Huawei ≫ Columbia-l29d Firmware Version < 9.1.0.350\(c461e3r1p11t8\)

Huawei ≫ Columbia-l29d Version-

Huawei ≫ Columbia-l29d Firmware Version < 9.1.0.350\(c185e3r1p12t8\)

Huawei ≫ Columbia-l29d Version-

Huawei ≫ Columbia-l29d Firmware Version < 9.1.0.350\(c10e5r1p14t8\)

Huawei ≫ Columbia-l29d Version-

Huawei ≫ Columbia-l29d Firmware Version < 9.1.0.351\(c432e5r1p13t8\)

Huawei ≫ Columbia-l29d Version-

Huawei ≫ Cornell-al00a Firmware Version < 9.1.0.333\(c00e333r1p1t8\)

Huawei ≫ Cornell-al00a Version-

Huawei ≫ Cornell-l29a Firmware Version < 9.1.0.328\(c185e1r1p9t8\)

Huawei ≫ Cornell-l29a Version-

Huawei ≫ Cornell-l29a Firmware Version < 9.1.0.328\(c432e1r1p9t8\)

Huawei ≫ Cornell-l29a Version-

Huawei ≫ Cornell-l29a Firmware Version < 9.1.0.330\(c461e1r1p9t8\)

Huawei ≫ Cornell-l29a Version-

Huawei ≫ Cornell-l29a Firmware Version < 9.1.0.328\(c636e2r1p12t8\)

Huawei ≫ Cornell-l29a Version-

Huawei ≫ Emily-l09c Firmware Version < 9.1.0.336\(c605e4r1p12t8\)

Huawei ≫ Emily-l09c Version-

Huawei ≫ Emily-l09c Firmware Version < 9.1.0.311\(c185e2r1p12t8\)

Huawei ≫ Emily-l09c Version-

Huawei ≫ Emily-l09c Firmware Version < 9.1.0.345\(c432e10r1p12t8\)

Huawei ≫ Emily-l09c Version-

Huawei ≫ Emily-l29c Firmware Version < 9.1.0.311\(c605e2r1p12t8\)

Huawei ≫ Emily-l29c Version-

Huawei ≫ Emily-l29c Firmware Version < 9.1.0.311\(c636e7r1p13t8\)

Huawei ≫ Emily-l29c Version-

Huawei ≫ Emily-l29c Firmware Version < 9.1.0.311\(c432e7r1p11t8\)

Huawei ≫ Emily-l29c Version-

Huawei ≫ Ever-l29b Firmware Version < 9.1.0.311\(c185e3r3p1\)

Huawei ≫ Ever-l29b Version-

Huawei ≫ Ever-l29b Firmware Version < 9.1.0.310\(c636e3r2p1\)

Huawei ≫ Ever-l29b Version-

Huawei ≫ Ever-l29b Firmware Version < 9.1.0.310\(c432e3r1p12\)

Huawei ≫ Ever-l29b Version-

Huawei ≫ Mate 20 Firmware Version < 9.1.0.131\(c00e131r3p1\)

Huawei ≫ Mate 20 Version-

Huawei ≫ Mate 20 Pro Firmware Version < 9.1.0.310\(c185e10r2p1\)

Huawei ≫ Mate 20 Pro Version-

Huawei ≫ Mate 20 Rs Firmware Version < 9.1.0.135\(c786e133r3p1\)

Huawei ≫ Mate 20 Rs Version-

Huawei ≫ Mate 20 X Firmware Version < 9.1.0.135\(c00e133r2p1\)

Huawei ≫ Mate 20 X Version-

Huawei ≫ P20 Firmware Version < 9.1.0.333\(c00e333r1p1t8\)

Huawei ≫ P20 Version-

Huawei ≫ P20 Pro Firmware Version < 9.1.0.333\(c00e333r1p1t8\)

Huawei ≫ P20 Pro Version-

Huawei ≫ P30 Firmware Version < 9.1.0.193

Huawei ≫ P30 Version-

Huawei ≫ P30 Pro Firmware Version < 9.1.0.186\(c00e180r2p1\)

Huawei ≫ P30 Pro Version-

Huawei ≫ Y9 2019 Firmware Version < 9.1.0.220\(c605e3r1p1t8\)

Huawei ≫ Y9 2019 Version-

Huawei ≫ Nova Lite 3 Firmware Version < 9.1.0.305\(c635e8r2p2\)

Huawei ≫ Nova Lite 3 Version-

Huawei ≫ Honor 10 Lite Firmware Version < 9.1.0.283\(c605e8r2p2\)

Huawei ≫ Honor 10 Lite Version-

Huawei ≫ Honor 8x Firmware Version < 9.1.0.221\(c461e2r1p1t8\)

Huawei ≫ Honor 8x Version-

Huawei ≫ Honor View 20 Firmware Version < 9.1.0.238\(c432e1r3p1\)

Huawei ≫ Honor View 20 Version-

Huawei ≫ Jackman-l22 Firmware Version < 9.1.0.247\(c636e2r4p1t8\)

Huawei ≫ Jackman-l22 Version-

Huawei ≫ Paris-l21b Firmware Version < 9.1.0.331\(c432e1r1p2t8\)

Huawei ≫ Paris-l21b Version-

Huawei ≫ Paris-l21meb Firmware Version < 9.1.0.331\(c185e4r1p3t8\)

Huawei ≫ Paris-l21meb Version-

Huawei ≫ Paris-l29b Firmware Version < 9.1.0.331\(c636e1r1p3t8\)

Huawei ≫ Paris-l29b Version-

Huawei ≫ Sydney-al00 Firmware Version < 9.1.0.212\(c00e62r1p7t8\)

Huawei ≫ Sydney-al00 Version-

Huawei ≫ Sydney-l21 Firmware Version < 9.1.0.215\(c432e1r1p1t8\)

Huawei ≫ Sydney-l21 Version-

Huawei ≫ Sydney-l21 Firmware Version < 9.1.0.213\(c185e1r1p1t8\)

Huawei ≫ Sydney-l21 Version-

Huawei ≫ Sydney-l21br Firmware Version < 9.1.0.213\(c185e1r1p2t8\)

Huawei ≫ Sydney-l21br Version-

Huawei ≫ Sydney-l22 Firmware Version < 9.1.0.258\(c636e1r1p1t8\)

Huawei ≫ Sydney-l22 Version-

Huawei ≫ Sydney-l22br Firmware Version < 9.1.0.258\(c636e1r1p1t8\)

Huawei ≫ Sydney-l22br Version-

Huawei ≫ Sydneym-al00 Firmware Version < 9.1.0.228\(c00e78r1p7t8\)

Huawei ≫ Sydneym-al00 Version-

Huawei ≫ Sydneym-l01 Firmware Version < 9.1.0.215\(c782e2r1p1t8\)

Huawei ≫ Sydneym-l01 Version-

Huawei ≫ Sydneym-l01 Firmware Version < 9.1.0.213\(c185e1r1p1t8\)

Huawei ≫ Sydneym-l01 Version-

Huawei ≫ Sydneym-l01 Firmware Version < 9.1.0.270\(c432e3r1p1t8\)

Huawei ≫ Sydneym-l01 Version-

Huawei ≫ Sydneym-l03 Firmware Version < 9.1.0.217\(c605e1r1p1t8\)

Huawei ≫ Sydneym-l03 Version-

Huawei ≫ Sydneym-l21 Firmware Version < 9.1.0.221\(c461e1r1p1t8\)

Huawei ≫ Sydneym-l21 Version-

Huawei ≫ Sydneym-l21 Firmware Version < 9.1.0.215\(c432e4r1p1t8\)

Huawei ≫ Sydneym-l21 Version-

Huawei ≫ Sydneym-l22 Firmware Version < 9.1.0.259\(c185e1r1p2t8\)

Huawei ≫ Sydneym-l22 Version-

Huawei ≫ Sydneym-l22 Firmware Version < 9.1.0.220\(c635e1r1p2t8\)

Huawei ≫ Sydneym-l22 Version-

Huawei ≫ Sydneym-l22 Firmware Version < 9.1.0.216\(c569e1r1p1t8\)

Huawei ≫ Sydneym-l22 Version-

Huawei ≫ Sydneym-l23 Firmware Version < 9.1.0.226\(c605e2r1p1t8\)

Huawei ≫ Sydneym-l23 Version-

Huawei ≫ Yale-l21a Firmware Version < 9.1.0.154\(c432e2r3p2\)

Huawei ≫ Yale-l21a Version-

Huawei ≫ Yale-l21a Firmware Version < 9.1.0.154\(c461e2r2p1\)

Huawei ≫ Yale-l21a Version-

Huawei ≫ Yale-l21a Firmware Version < 9.1.0.154\(c636e2r2p1\)

Huawei ≫ Yale-l21a Version-

Huawei ≫ Honor 20 Firmware Version < 9.1.0.152\(c00e150r5p1\)

Huawei ≫ Honor 20 Version-

Huawei ≫ Honor Magic2 Firmware Version < 10.0.0.187

Huawei ≫ Honor Magic2 Version-

Huawei ≫ Honor V20 Firmware Version < 9.1.0.234\(c00e234r4p3\)

Huawei ≫ Honor V20 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.169

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	1.6	3.6	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	2.9	5.5	2.9	AV:A/AC:M/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-5302

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-5302

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-5302

EUVD