CVE-2019-5303— 多款Huawei产品输入验证错误漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2019-5303の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
N/A
ソース: NVD (National Vulnerability Database)
脆弱性説明
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
多款Huawei产品输入验证错误漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Huawei Mate20等都是中国华为(Huawei)公司的一款智能手机。 多款Huawei产品中存在拒绝服务漏洞,该漏洞源于在解析消息时对两个字段校验不重复。攻击者可通过伪基站向受影响设备发送特制的TD-SCDMA消息利用该漏洞导致死循环和设备重启。以下产品及版本受到影响:Huawei ALP-AL00B 9.1.0.333(C00E333R2P1T8)之前版本;ALP-L09 9.1.0.300(C432E4R1P9T8)之前版本;ALP-L29 9.1.0.315(C636E5R1P13T8)之前
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Huawei | ALP-AL00B | Versions earlier than 9.1.0.333(C00E333R2P1T8) | - | |
| Huawei | ALP-L09 | Versions earlier than 9.1.0.300(C432E4R1P9T8) | - | |
| Huawei | ALP-L29 | Versions earlier than 9.1.0.315(C636E5R1P13T8) | - | |
| Huawei | BLA-L29C | Versions earlier than 9.1.0.321(C636E4R1P14T8) | - | |
| Huawei | Berkeley-AL20 | Versions earlier than 9.1.0.333(C00E333R2P1T8) | - | |
| Huawei | Berkeley-L09 | Versions earlier than 9.1.0.350(C10E3R1P14T8) | - | |
| Huawei | Charlotte-L09C | Versions earlier than 9.1.0.311(C185E4R1P11T8) | - | |
| Huawei | Charlotte-L29C | Versions earlier than 9.1.0.325(C185E4R1P11T8) | - | |
| Huawei | Columbia-AL10B | Versions earlier than 9.1.0.333(C00E333R1P1T8) | - | |
| Huawei | Columbia-L29D | Versions earlier than 9.1.0.350(C461E3R1P11T8) | - | |
| Huawei | Cornell-AL00A | Versions earlier than 9.1.0.333(C00E333R1P1T8) | - | |
| Huawei | Cornell-L29A | Versions earlier than 9.1.0.328(C185E1R1P9T8) | - | |
| Huawei | Emily-L09C | Versions earlier than 9.1.0.336(C605E4R1P12T8) | - | |
| Huawei | Emily-L29C | Versions earlier than 9.1.0.311(C605E2R1P12T8) | - | |
| Huawei | Ever-L29B | Versions earlier than 9.1.0.311(C185E3R3P1) | - | |
| Huawei | HUAWEI Mate 20 | Versions earlier than 9.1.0.131(C00E131R3P1) | - | |
| Huawei | HUAWEI Mate 20 Pro | Versions earlier than 9.1.0.310(C185E10R2P1) | - | |
| Huawei | HUAWEI Mate 20 RS | Versions earlier than 9.1.0.135(C786E133R3P1) | - | |
| Huawei | HUAWEI Mate 20 X | Versions earlier than 9.1.0.135(C00E133R2P1) | - | |
| Huawei | HUAWEI P20 | Versions earlier than 9.1.0.333(C00E333R1P1T8) | - | |
| Huawei | HUAWEI P20 Pro | Versions earlier than 9.1.0.333(C00E333R1P1T8) | - | |
| Huawei | HUAWEI P30 | Versions earlier than 9.1.0.193 | - | |
| Huawei | HUAWEI P30 Pro | Versions earlier than 9.1.0.186(C00E180R2P1) | - | |
| Huawei | HUAWEI Y9 2019 | Versions earlier than 9.1.0.220(C605E3R1P1T8) | - | |
| Huawei | HUAWEI nova lite 3 | Versions earlier than 9.1.0.305(C635E8R2P2) | - | |
| Huawei | Honor 10 Lite | Versions earlier than 9.1.0.283(C605E8R2P2) | - | |
| Huawei | Honor 8X | Versions earlier than 9.1.0.221(C461E2R1P1T8) | - | |
| Huawei | Honor View 20 | Versions earlier than 9.1.0.238(C432E1R3P1) | - | |
| Huawei | Jackman-L22 | Versions earlier than 9.1.0.247(C636E2R4P1T8) | - | |
| Huawei | Paris-L21B | Versions earlier than 9.1.0.331(C432E1R1P2T8) | - | |
| Huawei | Paris-L21MEB | Versions earlier than 9.1.0.331(C185E4R1P3T8) | - | |
| Huawei | Paris-L29B | Versions earlier than 9.1.0.331(C636E1R1P3T8) | - | |
| Huawei | Sydney-AL00 | Versions earlier than 9.1.0.212(C00E62R1P7T8) | - | |
| Huawei | Sydney-L21 | Versions earlier than 9.1.0.215(C432E1R1P1T8) | - | |
| Huawei | Sydney-L21BR | Versions earlier than 9.1.0.213(C185E1R1P2T8) | - | |
| Huawei | Sydney-L22 | Versions earlier than 9.1.0.258(C636E1R1P1T8) | - | |
| Huawei | Sydney-L22BR | Versions earlier than 9.1.0.258(C636E1R1P1T8) | - | |
| Huawei | SydneyM-AL00 | Versions earlier than 9.1.0.228(C00E78R1P7T8) | - | |
| Huawei | SydneyM-L01 | Versions earlier than 9.1.0.215(C782E2R1P1T8) | - | |
| Huawei | SydneyM-L03 | Versions earlier than 9.1.0.217(C605E1R1P1T8) | - | |
| Huawei | SydneyM-L21 | Versions earlier than 9.1.0.221(C461E1R1P1T8) | - | |
| Huawei | SydneyM-L22 | Versions earlier than 9.1.0.259(C185E1R1P2T8) | - | |
| Huawei | SydneyM-L23 | Versions earlier than 9.1.0.226(C605E2R1P1T8) | - | |
| Huawei | Yale-L21A | Versions earlier than 9.1.0.154(C432E2R3P2) | - | |
| Huawei | Honor 20 | Versions earlier than 9.1.0.152(C00E150R5P1) | - | |
| Huawei | Honor Magic2 | Versions earlier than 10.0.0.187 | - | |
| Huawei | Honor V20 | Versions earlier than 9.1.0.234(C00E234R4P3) | - |
II. CVE-2019-5303の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2019-5303のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · Huawei · 2020-04-27 · 10 CVEs total
| CVE-2020-1845 | Huawei PCManager 安全漏洞 | |
| CVE-2020-1807 | Huawei Mate 20 安全漏洞 | |
| CVE-2020-9072 | Huawei OSD 安全漏洞 | |
| CVE-2020-1804 | Huawei Honor V10 缓冲区错误漏洞 | |
| CVE-2020-1805 | Huawei Honor V10 缓冲区错误漏洞 | |
| CVE-2020-1806 | Huawei Honor V10 缓冲区错误漏洞 | |
| CVE-2020-1880 | Huawei Lion-AL00C 输入验证错误漏洞 | |
| CVE-2020-9068 | Huawei AR3200 授权问题漏洞 | |
| CVE-2019-5302 | 多款Huawei产品输入验证错误漏洞 |
IV. 関連脆弱性
V. CVE-2019-5303へのコメント
まだコメントはありません