Denial of Service Vulnerabilities in Huawei Smartphones
CVE-2019-5303

5.3MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
27 April 2020

Summary

Certain Huawei smartphones are vulnerable to denial of service attacks due to insufficient input validation when parsing TD-SCDMA messages sent from rogue base stations. An attacker could exploit this weakness by sending carefully crafted messages, potentially causing abnormal device behavior. This vulnerability affects a range of Huawei models, underscoring the importance of updating devices to the latest software versions.

Affected Version(s)

ALP-AL00B Versions earlier than 9.1.0.333(C00E333R2P1T8)

ALP-L09 Versions earlier than 9.1.0.300(C432E4R1P9T8)

ALP-L29 Versions earlier than 9.1.0.315(C636E5R1P13T8)

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.