Lucene search

Huawei TechnologiesHUAWEI-SA-20190814-01-MOBILE

HistoryAug 14, 2019 - 12:00 a.m.

Two Denial of Service Vulnerabilities on Some Huawei Smartphones

2019-08-1400:00:00

Huawei Technologies

www.huawei.com

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

25.7%

JSON

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause an infinite loop and the device to reboot. (Vulnerability ID: HWPSIRT-2019-05093 and HWPSIRT-2019-05095)

The two vulnerabilities have been assigned two Common Vulnerabilities and Exposures (CVE) IDs: CVE-2019-5302 and CVE-2019-5303.

Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en

Affected configurations

Vulners

Node

huaweialp-al00b_firmwareMatch8.0.0.153

huaweialp-l09_firmwareMatch8.0.0.153

huaweialp-l29_firmwareMatch8.0.0.145

huaweibla-al00b_firmwareRange<9.1.0.333

huaweibla-l29c_firmwareMatch8.0.0.146

huaweibla-l29c_firmwareMatch8.0.0.158

huaweibla-l29c_firmwareRange<9.1.0.302

huaweiberkeley-al20_firmwareRange<9.1.0.333

huaweiberkeley-l09_firmwareMatch8.0.0.172

huaweiberkeley-l09_firmwareMatch8.0.0.173

huaweicharlotte-l09c_firmwareMatch8.1.0.128a

huaweicharlotte-l29c_firmwareMatch8.1.0.157

huaweicharlotte-l29c_firmwareMatch8.1.0.158

huaweicharlotte-l29c_firmwareMatch8.1.0.161

huaweicharlotte-l29c_firmwareMatch8.1.0.162

huaweicolumbia-al10b_firmwareRange<9.1.0.333

huaweicolumbia-l29d_firmwareMatch8.1.0.146

huaweicolumbia-l29d_firmwareMatch8.1.0.148

huaweicolumbia-l29d_firmwareMatch8.1.0.151

huaweicornell-al00a_firmwareMatch8.2.0.151

huaweicornell-l29a_firmwareMatch8.2.0.131

huaweicornell-l29a_firmwareMatch8.2.0.132

huaweicornell-l29a_firmwareMatch8.2.0.133

huaweiemily-l09c_firmwareMatch8.1.0.155

huaweiemily-l09c_firmwareMatch8.1.0.156

huaweiemily-l09c_firmwareMatch8.1.0.172

huaweiemily-l29c_firmwareMatch8.1.0.156

huaweiemily-l29c_firmwareMatch8.1.0.159

huaweiemily-l29c_firmwareMatch8.1.0.166

huaweiemily-l29c_firmwareRange<9.1.0.311

huaweiever-l29b_firmwareMatch9.0.0.206

huaweiever-l29b_firmwareMatch9.0.0.207

huaweiever-l29b_firmwareMatch9.0.0.208

huaweimate_20_firmwareRange<9.1.0.131

huaweimate_20_firmwareRange<9.1.0.135

huaweimate_20_pro_firmwareRange<9.1.0.310

huaweimate_20_pro_firmwareRange<9.1.0.311

huaweimate_20_rs_firmwareRange<9.1.0.135

huaweimate_20_x_firmwareRange<9.1.0.135

huaweip_smart_2019_firmwareRange<9.1.0.264

huaweip20_firmwareRange<9.1.0.333

huaweip20_pro_firmwareRange<9.1.0.333

huaweip30_firmwareRange<9.1.0.193

huaweip30_pro_firmwareRange<9.1.0.186

huaweiy9_2019_firmwareRange<9.1.0.220

huaweinova_3_firmwareRange<9.1.0.333

huaweinova_lite_3_firmwareRange<9.1.0.305

huaweiharry-al00c_firmwareRange<9.1.0.217

huaweiharry-al10b_firmwareRange<9.1.0.217

huaweihonor_10_lite_firmwareRange<9.1.0.273

huaweihonor_10_lite_firmwareRange<9.1.0.280

huaweihonor_10_lite_firmwareRange<9.1.0.283

huaweihonor_8x_firmwareRange<9.1.0.217

huaweihonor_8x_firmwareRange<9.1.0.218

huaweihonor_8x_firmwareRange<9.1.0.219

huaweihonor_8x_firmwareRange<9.1.0.221

huaweihonor_view_20_firmwareRange<9.1.0.235

huaweihonor_view_20_firmwareRange<9.1.0.238

huaweijackman-al00d_firmwareRange<9.1.0.213

huaweijackman-l22_firmwareMatch8.2.0.156

huaweivicky-al00c_firmwareRange<9.1.0.210

huaweijohnson-al10c_firmwareRange<9.1.0.210

huaweijohnson-tl00d_firmwareRange<9.1.0.223

huaweijohnson-tl00f_firmwareRange<9.1.0.223

huaweilaya-al00ep_firmwareRange<9.1.0.135

huaweiparis-l21b_firmwareMatch8.2.0.130

huaweiparis-l21meb_firmwareMatch8.2.0.135

huaweiparis-l29b_firmwareMatch8.2.0.137

huaweipotter-al00c_firmwareRange<9.1.0.217

huaweipotter-al10a_firmwareRange<9.1.0.217

huaweiprinceton-al10b_firmwareRange<9.1.0.233

huaweiprinceton-al10d_firmwareRange<9.1.0.234

huaweisydney-al00_firmwareMatch8.2.0.157

huaweisydney-l21_firmwareMatch8.2.0.108

huaweisydney-l21_firmwareMatch8.2.0.137

huaweisydney-l21br_firmwareMatch8.2.0.130

huaweisydney-l22_firmwareMatch8.2.0.138

huaweisydney-l22br_firmwareMatch8.2.0.133

huaweisydneym-al00_firmwareRange<9.1.0.228

huaweisydneym-l01_firmwareMatch8.2.0.132

huaweisydneym-l01_firmwareMatch8.2.0.133

huaweisydneym-l01_firmwareMatch8.2.0.143

huaweisydneym-l03_firmwareMatch8.2.0.135

huaweisydneym-l21_firmwareMatch8.2.0.134

huaweisydneym-l21_firmwareMatch8.2.0.144

huaweisydneym-l22_firmwareMatch8.2.0.132

huaweisydneym-l22_firmwareMatch8.2.0.142

huaweisydneym-l23_firmwareMatch8.2.0.134

huaweitony-al00b_firmwareRange<10.0.0.187

huaweitony-tl00b_firmwareRange<10.0.0.187

huaweiyale-al00a_firmwareRange<9.1.0.152

huaweiyale-l21a_firmwareMatch9.1.0.107

huaweiharry-al00c_firmwareRange<9.1.0.217

huaweijackman-l23_firmwareRange<9.1.0.213

huaweipotter-al00c_firmwareRange<9.1.0.217

huaweipotter-al10a_firmwareRange<9.1.0.217

huaweiyale-al00a_firmwareRange<9.1.0.152

huaweihonor_8x_firmwareRange<9.1.0.210

huaweihonor_8x_firmwareRange<9.1.0.223

huaweihonor_magic2_firmwareRange<10.0.0.187

huaweihonor_v20_firmwareRange<9.1.0.233

huaweihonor_v20_firmwareRange<9.1.0.234

VendorProductVersionCPE
huaweialp-al00b_firmware8.0.0.153cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.153:*:*:*:*:*:*:*
huaweialp-l09_firmware8.0.0.153cpe:2.3:o:huawei:alp-l09_firmware:8.0.0.153:*:*:*:*:*:*:*
huaweialp-l29_firmware8.0.0.145cpe:2.3:o:huawei:alp-l29_firmware:8.0.0.145:*:*:*:*:*:*:*
huaweibla-al00b_firmware*cpe:2.3:o:huawei:bla-al00b_firmware:*:*:*:*:*:*:*:*
huaweibla-l29c_firmware8.0.0.146cpe:2.3:o:huawei:bla-l29c_firmware:8.0.0.146:*:*:*:*:*:*:*
huaweibla-l29c_firmware8.0.0.158cpe:2.3:o:huawei:bla-l29c_firmware:8.0.0.158:*:*:*:*:*:*:*
huaweibla-l29c_firmware*cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*
huaweiberkeley-al20_firmware*cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*
huaweiberkeley-l09_firmware8.0.0.172cpe:2.3:o:huawei:berkeley-l09_firmware:8.0.0.172:*:*:*:*:*:*:*
huaweiberkeley-l09_firmware8.0.0.173cpe:2.3:o:huawei:berkeley-l09_firmware:8.0.0.173:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	alp-al00b_firmware	8.0.0.153	cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.153:::::::*
huawei	alp-l09_firmware	8.0.0.153	cpe:2.3:o:huawei:alp-l09_firmware:8.0.0.153:::::::*
huawei	alp-l29_firmware	8.0.0.145	cpe:2.3:o:huawei:alp-l29_firmware:8.0.0.145:::::::*
huawei	bla-al00b_firmware	*	cpe:2.3:o:huawei:bla-al00b_firmware::::::::
huawei	bla-l29c_firmware	8.0.0.146	cpe:2.3:o:huawei:bla-l29c_firmware:8.0.0.146:::::::*
huawei	bla-l29c_firmware	8.0.0.158	cpe:2.3:o:huawei:bla-l29c_firmware:8.0.0.158:::::::*
huawei	bla-l29c_firmware	*	cpe:2.3:o:huawei:bla-l29c_firmware::::::::
huawei	berkeley-al20_firmware	*	cpe:2.3:o:huawei:berkeley-al20_firmware::::::::
huawei	berkeley-l09_firmware	8.0.0.172	cpe:2.3:o:huawei:berkeley-l09_firmware:8.0.0.172:::::::*
huawei	berkeley-l09_firmware	8.0.0.173	cpe:2.3:o:huawei:berkeley-l09_firmware:8.0.0.173:::::::*

Rows per page:

1-10 of 871

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

25.7%

JSON

Related for HUAWEI-SA-20190814-01-MOBILE