Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of service vulnerability. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vulnerability. Successful exploit may cause an infinite loop and the device to reboot.
References
Link | Resource |
---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-mobile-en | Vendor Advisory |
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-mobile-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
21 Nov 2024, 04:44
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-mobile-en - Vendor Advisory |
Information
Published : 2019-12-13 22:15
Updated : 2024-11-21 04:44
NVD link : CVE-2019-5260
Mitre link : CVE-2019-5260
CVE.ORG link : CVE-2019-5260
JSON object : View
Products Affected
huawei
- y9_2019
- view_20
- view_20_firmware
- y9_2019_firmware
CWE
CWE-20
Improper Input Validation