Denial of Service Vulnerabilities on Huawei Smartphones
CVE-2019-5302

5.3MEDIUM

Key Information:

Vendor: Huawei
Status: Sydney-l21; Sydney-l21br; Sydney-l22; Sydney-l22br
Vendor: CVE Published:; 27 April 2020

Summary

This vulnerability affects multiple Huawei smartphone models, allowing attackers to exploit vulnerabilities in input validation when processing specially crafted TD-SCDMA messages. When sent from a rogue base station, these messages can lead to the abnormal performance of affected devices, causing potential interruptions and service outages. Users are advised to update their devices to mitigate the risks associated with this vulnerability.

Affected Version(s)

ALP-AL00B Versions earlier than 9.1.0.333(C00E333R2P1T8)

ALP-L09 Versions earlier than 9.1.0.300(C432E4R1P9T8)

ALP-L29 Versions earlier than 9.1.0.315(C636E5R1P13T8)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 27, 2020
Vulnerability Reserved
Jan 4, 2019