DoS Vulnerability in RTSP Module of Huawei Smartphones
CVE-2019-5284

6.5MEDIUM

Key Information:

Vendor: Huawei
Status: Leland-al00a
Vendor: CVE Published:; 4 June 2019

What is CVE-2019-5284?

A vulnerability exists in the RTSP module of Huawei's Leland-AL00A smartphones prior to version 9.1.0.111(C00E111R2P10T8). This vulnerability can be exploited by remote attackers who trick users into opening a specially crafted RTSP media stream. If successfully exploited, this can lead to abnormal behavior in the affected devices, ultimately resulting in a Denial of Service condition. Users should be aware of this risk and ensure their devices are updated to the latest version to mitigate potential threats. For further details, refer to the security advisories provided by Huawei.

Affected Version(s)

Leland-AL00A Versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 4, 2019
Vulnerability Reserved
Jan 4, 2019