Denial of Service Vulnerabilities in Huawei Smartphones
CVE-2019-5303

5.3MEDIUM

Key Information:

Vendor: Huawei
Status: Alp-al00b; Alp-l09; Alp-l29; Bla-l29c
Vendor: CVE Published:; 27 April 2020

Summary

Certain Huawei smartphones are vulnerable to denial of service attacks due to insufficient input validation when parsing TD-SCDMA messages sent from rogue base stations. An attacker could exploit this weakness by sending carefully crafted messages, potentially causing abnormal device behavior. This vulnerability affects a range of Huawei models, underscoring the importance of updating devices to the latest software versions.

Affected Version(s)

ALP-AL00B Versions earlier than 9.1.0.333(C00E333R2P1T8)

ALP-L09 Versions earlier than 9.1.0.300(C432E4R1P9T8)

ALP-L29 Versions earlier than 9.1.0.315(C636E5R1P13T8)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 27, 2020
Vulnerability Reserved
Jan 4, 2019