Denial of Service Vulnerabilities in Huawei Smartphones
CVE-2019-5303
5.3MEDIUM
Summary
Certain Huawei smartphones are vulnerable to denial of service attacks due to insufficient input validation when parsing TD-SCDMA messages sent from rogue base stations. An attacker could exploit this weakness by sending carefully crafted messages, potentially causing abnormal device behavior. This vulnerability affects a range of Huawei models, underscoring the importance of updating devices to the latest software versions.
Affected Version(s)
ALP-AL00B Versions earlier than 9.1.0.333(C00E333R2P1T8)
ALP-L09 Versions earlier than 9.1.0.300(C432E4R1P9T8)
ALP-L29 Versions earlier than 9.1.0.315(C636E5R1P13T8)
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved