CVE-2019-5302
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-5302
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Huawei产品输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Huawei Mate20等都是中国华为(Huawei)公司的一款智能手机。 多款Huawei产品中存在拒绝服务漏洞,该漏洞源于在解析消息时对两个字段校验不重复。攻击者可通过伪基站向受影响设备发送特制的TD-SCDMA消息利用该漏洞导致死循环和设备重启。以下产品及版本受到影响:Huawei ALP-AL00B 9.1.0.333(C00E333R2P1T8)之前版本;ALP-L09 9.1.0.300(C432E4R1P9T8)之前版本;ALP-L29 9.1.0.315(C636E5R1P13T8)之前
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Huawei | Sydney-L21 | Versions earlier than 9.1.0.215(C432E1R1P1T8) | - | |
| Huawei | Sydney-L21BR | Versions earlier than 9.1.0.213(C185E1R1P2T8) | - | |
| Huawei | Sydney-L22 | Versions earlier than 9.1.0.258(C636E1R1P1T8) | - | |
| Huawei | Sydney-L22BR | Versions earlier than 9.1.0.258(C636E1R1P1T8) | - | |
| Huawei | SydneyM-AL00 | Versions earlier than 9.1.0.228(C00E78R1P7T8) | - | |
| Huawei | SydneyM-L01 | Versions earlier than 9.1.0.215(C782E2R1P1T8) | - | |
| Huawei | SydneyM-L03 | Versions earlier than 9.1.0.217(C605E1R1P1T8) | - | |
| Huawei | SydneyM-L21 | Versions earlier than 9.1.0.221(C461E1R1P1T8) | - | |
| Huawei | SydneyM-L22 | Versions earlier than 9.1.0.259(C185E1R1P2T8) | - | |
| Huawei | SydneyM-L23 | Versions earlier than 9.1.0.226(C605E2R1P1T8) | - | |
| Huawei | Yale-L21A | Versions earlier than 9.1.0.154(C432E2R3P2) | - | |
| Huawei | Honor 20 | Versions earlier than 9.1.0.152(C00E150R5P1) | - | |
| Huawei | Honor Magic2 | Versions earlier than 10.0.0.187 | - | |
| Huawei | Honor V20 | Versions earlier than 9.1.0.234(C00E234R4P3) | - | |
| Huawei | HUAWEI Mate 20 | Versions earlier than 9.1.0.131(C00E131R3P1) | - | |
| Huawei | HUAWEI Mate 20 Pro | Versions earlier than 9.1.0.310(C185E10R2P1) | - | |
| Huawei | HUAWEI Mate 20 RS | Versions earlier than 9.1.0.135(C786E133R3P1) | - | |
| Huawei | HUAWEI Mate 20 X | Versions earlier than 9.1.0.135(C00E133R2P1) | - | |
| Huawei | HUAWEI P20 | Versions earlier than 9.1.0.333(C00E333R1P1T8) | - | |
| Huawei | HUAWEI P20 Pro | Versions earlier than 9.1.0.333(C00E333R1P1T8) | - | |
| Huawei | HUAWEI P30 | Versions earlier than 9.1.0.193 | - | |
| Huawei | HUAWEI P30 Pro | Versions earlier than 9.1.0.186(C00E180R2P1) | - | |
| Huawei | HUAWEI Y9 2019 | Versions earlier than 9.1.0.220(C605E3R1P1T8) | - | |
| Huawei | HUAWEI nova lite 3 | Versions earlier than 9.1.0.305(C635E8R2P2) | - | |
| Huawei | Honor 10 Lite | Versions earlier than 9.1.0.283(C605E8R2P2) | - | |
| Huawei | Honor 8X | Versions earlier than 9.1.0.221(C461E2R1P1T8) | - | |
| Huawei | Honor View 20 | Versions earlier than 9.1.0.238(C432E1R3P1) | - | |
| Huawei | Jackman-L22 | Versions earlier than 9.1.0.247(C636E2R4P1T8) | - | |
| Huawei | Paris-L21B | Versions earlier than 9.1.0.331(C432E1R1P2T8) | - | |
| Huawei | Paris-L21MEB | Versions earlier than 9.1.0.331(C185E4R1P3T8) | - | |
| Huawei | Paris-L29B | Versions earlier than 9.1.0.331(C636E1R1P3T8) | - | |
| Huawei | Sydney-AL00 | Versions earlier than 9.1.0.212(C00E62R1P7T8) | - | |
| Huawei | Charlotte-L29C | Versions earlier than 9.1.0.325(C185E4R1P11T8) | - | |
| Huawei | Columbia-AL10B | Versions earlier than 9.1.0.333(C00E333R1P1T8) | - | |
| Huawei | Columbia-L29D | Versions earlier than 9.1.0.350(C461E3R1P11T8) | - | |
| Huawei | Cornell-AL00A | Versions earlier than 9.1.0.333(C00E333R1P1T8) | - | |
| Huawei | Cornell-L29A | Versions earlier than 9.1.0.328(C185E1R1P9T8) | - | |
| Huawei | Emily-L09C | Versions earlier than 9.1.0.336(C605E4R1P12T8) | - | |
| Huawei | Emily-L29C | Versions earlier than 9.1.0.311(C605E2R1P12T8) | - | |
| Huawei | Ever-L29B | Versions earlier than 9.1.0.311(C185E3R3P1) | - | |
| Huawei | ALP-AL00B | Versions earlier than 9.1.0.333(C00E333R2P1T8) | - | |
| Huawei | ALP-L09 | Versions earlier than 9.1.0.300(C432E4R1P9T8) | - | |
| Huawei | ALP-L29 | Versions earlier than 9.1.0.315(C636E5R1P13T8) | - | |
| Huawei | BLA-L29C | Versions earlier than 9.1.0.321(C636E4R1P14T8) | - | |
| Huawei | Berkeley-AL20 | Versions earlier than 9.1.0.333(C00E333R2P1T8) | - | |
| Huawei | Berkeley-L09 | Versions earlier than 9.1.0.350(C10E3R1P14T8) | - | |
| Huawei | Charlotte-L09C | Versions earlier than 9.1.0.311(C185E4R1P11T8) | - |
II. Public POCs for CVE-2019-5302
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-5302
Please Login to view more intelligence information
Same Patch Batch · Huawei · 2020-04-27 · 10 CVEs total
| CVE-2020-1845 | Huawei PCManager 安全漏洞 | |
| CVE-2020-1807 | Huawei Mate 20 安全漏洞 | |
| CVE-2020-9072 | Huawei OSD 安全漏洞 | |
| CVE-2020-1804 | Huawei Honor V10 缓冲区错误漏洞 | |
| CVE-2020-1805 | Huawei Honor V10 缓冲区错误漏洞 | |
| CVE-2020-1806 | Huawei Honor V10 缓冲区错误漏洞 | |
| CVE-2020-1880 | Huawei Lion-AL00C 输入验证错误漏洞 | |
| CVE-2020-9068 | Huawei AR3200 授权问题漏洞 | |
| CVE-2019-5303 | 多款Huawei产品输入验证错误漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2019-5302
No comments yet