Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Adjacent_network
0

CVE-2019-5302

Disclosure Date: April 27, 2020
CVE-2019-5302 CVSS v3 Base Score: 5.3
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
5.3 Medium
Impact Score:
3.6
Exploitability Score:
1.6
Vector:
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector (AV):
Adjacent_network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Sydney-L21 Versions earlier than 9.1.0.215(C432E1R1P1T8)
Sydney-L21 Versions earlier than 9.1.0.213(C185E1R1P1T8)
Sydney-L21BR Versions earlier than 9.1.0.213(C185E1R1P2T8)
Sydney-L22 Versions earlier than 9.1.0.258(C636E1R1P1T8)
Sydney-L22BR Versions earlier than 9.1.0.258(C636E1R1P1T8)
SydneyM-AL00 Versions earlier than 9.1.0.228(C00E78R1P7T8)
SydneyM-L01 Versions earlier than 9.1.0.215(C782E2R1P1T8)
SydneyM-L01 Versions earlier than 9.1.0.213(C185E1R1P1T8)
SydneyM-L01 Versions earlier than 9.1.0.270(C432E3R1P1T8)
SydneyM-L03 Versions earlier than 9.1.0.217(C605E1R1P1T8)
SydneyM-L21 Versions earlier than 9.1.0.221(C461E1R1P1T8)
SydneyM-L21 Versions earlier than 9.1.0.215(C432E4R1P1T8)
SydneyM-L22 Versions earlier than 9.1.0.259(C185E1R1P2T8)
SydneyM-L22 Versions earlier than 9.1.0.220(C635E1R1P2T8)
SydneyM-L22 Versions earlier than 9.1.0.216(C569E1R1P1T8)
SydneyM-L23 Versions earlier than 9.1.0.226(C605E2R1P1T8)
Yale-L21A Versions earlier than 9.1.0.154(C432E2R3P2)
Yale-L21A Versions earlier than 9.1.0.154(C461E2R2P1)
Yale-L21A Versions earlier than 9.1.0.154(C636E2R2P1)
Honor 20 Versions earlier than 9.1.0.152(C00E150R5P1)
Honor Magic2 Versions earlier than 10.0.0.187
Honor V20 Versions earlier than 9.1.0.234(C00E234R4P3)
HUAWEI Mate 20 Versions earlier than 9.1.0.131(C00E131R3P1)
HUAWEI Mate 20 Pro Versions earlier than 9.1.0.310(C185E10R2P1)
HUAWEI Mate 20 RS Versions earlier than 9.1.0.135(C786E133R3P1)
HUAWEI Mate 20 X Versions earlier than 9.1.0.135(C00E133R2P1)
HUAWEI P20 Versions earlier than 9.1.0.333(C00E333R1P1T8)
HUAWEI P20 Pro Versions earlier than 9.1.0.333(C00E333R1P1T8)
HUAWEI P30 Versions earlier than 9.1.0.193
HUAWEI P30 Pro Versions earlier than 9.1.0.186(C00E180R2P1)
HUAWEI Y9 2019 Versions earlier than 9.1.0.220(C605E3R1P1T8)
HUAWEI nova lite 3 Versions earlier than 9.1.0.305(C635E8R2P2)
Honor 10 Lite Versions earlier than 9.1.0.283(C605E8R2P2)
Honor 8X Versions earlier than 9.1.0.221(C461E2R1P1T8)
Honor View 20 Versions earlier than 9.1.0.238(C432E1R3P1)
Jackman-L22 Versions earlier than 9.1.0.247(C636E2R4P1T8)
Paris-L21B Versions earlier than 9.1.0.331(C432E1R1P2T8)
Paris-L21MEB Versions earlier than 9.1.0.331(C185E4R1P3T8)
Paris-L29B Versions earlier than 9.1.0.331(C636E1R1P3T8)
Sydney-AL00 Versions earlier than 9.1.0.212(C00E62R1P7T8)
Charlotte-L29C Versions earlier than 9.1.0.325(C185E4R1P11T8)
Charlotte-L29C Versions earlier than 9.1.0.335(C636E3R1P13T8)
Charlotte-L29C Versions earlier than 9.1.0.345(C432E8R1P11T8)
Charlotte-L29C Versions earlier than 9.1.0.336(C605E3R1P12T8)
Columbia-AL10B Versions earlier than 9.1.0.333(C00E333R1P1T8)
Columbia-L29D Versions earlier than 9.1.0.350(C461E3R1P11T8)
Columbia-L29D Versions earlier than 9.1.0.350(C185E3R1P12T8)
Columbia-L29D Versions earlier than 9.1.0.350(C10E5R1P14T8)
Columbia-L29D Versions earlier than 9.1.0.351(C432E5R1P13T8)
Cornell-AL00A Versions earlier than 9.1.0.333(C00E333R1P1T8)
Cornell-L29A Versions earlier than 9.1.0.328(C185E1R1P9T8)
Cornell-L29A Versions earlier than 9.1.0.328(C432E1R1P9T8)
Cornell-L29A Versions earlier than 9.1.0.330(C461E1R1P9T8)
Cornell-L29A Versions earlier than 9.1.0.328(C636E2R1P12T8)
Emily-L09C Versions earlier than 9.1.0.336(C605E4R1P12T8)
Emily-L09C Versions earlier than 9.1.0.311(C185E2R1P12T8)
Emily-L09C Versions earlier than 9.1.0.345(C432E10R1P12T8)
Emily-L29C Versions earlier than 9.1.0.311(C605E2R1P12T8)
Emily-L29C Versions earlier than 9.1.0.311(C636E7R1P13T8)
Emily-L29C Versions earlier than 9.1.0.311(C432E7R1P11T8)
Ever-L29B Versions earlier than 9.1.0.311(C185E3R3P1)
ALP-AL00B Versions earlier than 9.1.0.333(C00E333R2P1T8)
ALP-L09 Versions earlier than 9.1.0.300(C432E4R1P9T8)
ALP-L29 Versions earlier than 9.1.0.315(C636E5R1P13T8)
BLA-L29C Versions earlier than 9.1.0.321(C636E4R1P14T8)
BLA-L29C Versions earlier than 9.1.0.330(C432E6R1P12T8)
BLA-L29C Versions earlier than 9.1.0.302(C635E4R1P13T8)
Berkeley-AL20 Versions earlier than 9.1.0.333(C00E333R2P1T8)
Berkeley-L09 Versions earlier than 9.1.0.350(C10E3R1P14T8)
Berkeley-L09 Versions earlier than 9.1.0.351(C432E5R1P13T8)
Berkeley-L09 Versions earlier than 9.1.0.350(C636E4R1P13T8)
Charlotte-L09C Versions earlier than 9.1.0.311(C185E4R1P11T8)
Charlotte-L09C Versions earlier than 9.1.0.345(C432E8R1P11T8)
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis