Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for elle-al00b_firmware by huawei

    CVE-2019-5276 (GCVE-0-2019-5276)

    Vulnerability from nvd – Published: 2019-12-23 17:54 – Updated: 2024-08-04 19:54
    VLAI
    Summary
    Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.
    Severity
    No CVSS data available.
    CWE
    • Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei ELLE-AL00B Affected: earlier versions than 9.1.0.222(C00E220R2P1)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:54:51.772Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ELLE-AL00B",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier versions than 9.1.0.222(C00E220R2P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-23T17:54:21.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5276",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ELLE-AL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier versions than 9.1.0.222(C00E220R2P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5276",
        "datePublished": "2019-12-23T17:54:21.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:54:51.772Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5235 (GCVE-0-2019-5235)

    Vulnerability from nvd – Published: 2019-12-13 23:09 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
    Severity
    No CVSS data available.
    CWE
    • null pointer dereference
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B Affected: Version
    Affected: 9.1.0.206(C00E205R3P1)
    Affected: 9.0.1.5(C735R1)
    Affected: 9.1.0.1(C00R3)
    Affected: 9.1.0.206
    Affected: 9.0.1.162(C01E160R2P3)
    Affected: 8.2.0.170(C861)
    Affected: 8.2.0.188(C00R2P1)
    Affected: 8.2.0.163(C605)
    Affected: 8.2.0.160(C185)
    Affected: 8.2.0.156(C636R2P2)
    Affected: 8.2.0.152(C45CUSTC45D1)
    Affected: 8.2.0.162(C605)
    Affected: 8.2.0.175(C00R2P4)
    Affected: 8.2.0.190(C788R1P16)
    Affected: 8.2.0.161(C675CUSTC675D1)
    Affected: 8.2.0.165(C00R1P16)
    Affected: 8.2.0.130(C461R1P1)
    Affected: 8.2.0.130(C652CUSTC652D1)
    Affected: 8.2.0.131(C10R2P2)
    Affected: 8.2.0.136(C432CUSTC432D1)
    Affected: 8.2.0.101(C10CUSTC10D1)
    Affected: 8.2.0.101(C432CUSTC432D1)
    Affected: 8.2.0.131(C55CUSTC55D1)
    Affected: 8.2.0.105(C185R1P1)
    Affected: 8.2.0.107(C636R2P1)
    Affected: 8.2.0.103(C652CUSTC652D1)
    Affected: 8.2.0.105(C185R2P1)
    Affected: 8.2.0.130(C636CUSTC636D2)
    Affected: 8.2.0.133(C605CUSTC605D1)
    Affected: 8.2.0.155(C675R2P1)
    Affected: 8.2.0.110(C652CUSTC652D1)
    Affected: 8.2.0.100(C541CUSTC541D1)
    Affected: 8.2.0.165(C01R1P16)
    Affected: 9.1.0.208(C00E205R3P1)
    Affected: 9.1.0.162(C00E160R2P1)
    Affected: 9.1.0.12(C00R1)
    Affected: 9.1.0.4(C735R1)
    Affected: 9.1.0.162
    Affected: 9.1.0.161
    Affected: 9.1.0.162(C01E160R2P1)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.874Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Version"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.206(C00E205R3P1)"
                },
                {
                  "status": "affected",
                  "version": "9.0.1.5(C735R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.1(C00R3)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.206"
                },
                {
                  "status": "affected",
                  "version": "9.0.1.162(C01E160R2P3)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.170(C861)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.188(C00R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.163(C605)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.160(C185)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.156(C636R2P2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.152(C45CUSTC45D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.162(C605)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.175(C00R2P4)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.190(C788R1P16)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.161(C675CUSTC675D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.165(C00R1P16)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C461R1P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.131(C10R2P2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.136(C432CUSTC432D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.101(C10CUSTC10D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.101(C432CUSTC432D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.131(C55CUSTC55D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.105(C185R1P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.107(C636R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.103(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.105(C185R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C636CUSTC636D2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.133(C605CUSTC605D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.155(C675R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.110(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.100(C541CUSTC541D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.165(C01R1P16)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.208(C00E205R3P1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162(C00E160R2P1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.12(C00R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.4(C735R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.161"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162(C01E160R2P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "null pointer dereference",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-13T23:09:32.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5235",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Version"
                              },
                              {
                                "version_value": "9.1.0.206(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.0.1.5(C735R1)"
                              },
                              {
                                "version_value": "9.1.0.1(C00R3)"
                              },
                              {
                                "version_value": "9.1.0.206(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.206"
                              },
                              {
                                "version_value": "9.0.1.162(C01E160R2P3)"
                              },
                              {
                                "version_value": "8.2.0.170(C861)"
                              },
                              {
                                "version_value": "8.2.0.188(C00R2P1)"
                              },
                              {
                                "version_value": "8.2.0.163(C605)"
                              },
                              {
                                "version_value": "8.2.0.160(C185)"
                              },
                              {
                                "version_value": "8.2.0.156(C636R2P2)"
                              },
                              {
                                "version_value": "8.2.0.152(C45CUSTC45D1)"
                              },
                              {
                                "version_value": "8.2.0.162(C605)"
                              },
                              {
                                "version_value": "8.2.0.175(C00R2P4)"
                              },
                              {
                                "version_value": "8.2.0.190(C788R1P16)"
                              },
                              {
                                "version_value": "8.2.0.161(C675CUSTC675D1)"
                              },
                              {
                                "version_value": "8.2.0.165(C00R1P16)"
                              },
                              {
                                "version_value": "8.2.0.130(C461R1P1)"
                              },
                              {
                                "version_value": "8.2.0.130(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.131(C10R2P2)"
                              },
                              {
                                "version_value": "8.2.0.136(C432CUSTC432D1)"
                              },
                              {
                                "version_value": "8.2.0.101(C10CUSTC10D1)"
                              },
                              {
                                "version_value": "8.2.0.101(C432CUSTC432D1)"
                              },
                              {
                                "version_value": "8.2.0.131(C55CUSTC55D1)"
                              },
                              {
                                "version_value": "8.2.0.105(C185R1P1)"
                              },
                              {
                                "version_value": "8.2.0.107(C636R2P1)"
                              },
                              {
                                "version_value": "8.2.0.103(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.105(C185R2P1)"
                              },
                              {
                                "version_value": "8.2.0.107(C636R2P1)"
                              },
                              {
                                "version_value": "8.2.0.130(C636CUSTC636D2)"
                              },
                              {
                                "version_value": "8.2.0.133(C605CUSTC605D1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.110(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.100(C541CUSTC541D1)"
                              },
                              {
                                "version_value": "8.2.0.165(C01R1P16)"
                              },
                              {
                                "version_value": "8.2.0.100(C541CUSTC541D1)"
                              },
                              {
                                "version_value": "9.1.0.208(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.208(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.162(C00E160R2P1)"
                              },
                              {
                                "version_value": "9.1.0.12(C00R1)"
                              },
                              {
                                "version_value": "9.1.0.4(C735R1)"
                              },
                              {
                                "version_value": "9.1.0.162(C00E160R2P1)"
                              },
                              {
                                "version_value": "9.1.0.12(C00R1)"
                              },
                              {
                                "version_value": "9.1.0.162"
                              },
                              {
                                "version_value": "9.1.0.161"
                              },
                              {
                                "version_value": "9.1.0.162(C01E160R2P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "null pointer dereference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5235",
        "datePublished": "2019-12-13T23:09:32.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.874Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5246 (GCVE-0-2019-5246)

    Vulnerability from nvd – Published: 2019-11-12 23:14 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution.
    Severity
    No CVSS data available.
    CWE
    • Insufficient Verification
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a ELLE-AL00B Affected: 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.917Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-codeexecution-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ELLE-AL00B",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Insufficient Verification",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-12T23:14:53.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-codeexecution-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5246",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ELLE-AL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Insufficient Verification"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-codeexecution-en",
                  "refsource": "MISC",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-codeexecution-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5246",
        "datePublished": "2019-11-12T23:14:53.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.917Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5276 (GCVE-0-2019-5276)

    Vulnerability from cvelistv5 – Published: 2019-12-23 17:54 – Updated: 2024-08-04 19:54
    VLAI
    Summary
    Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.
    Severity
    No CVSS data available.
    CWE
    • Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei ELLE-AL00B Affected: earlier versions than 9.1.0.222(C00E220R2P1)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:54:51.772Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ELLE-AL00B",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier versions than 9.1.0.222(C00E220R2P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-23T17:54:21.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5276",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ELLE-AL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier versions than 9.1.0.222(C00E220R2P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-smartphone-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5276",
        "datePublished": "2019-12-23T17:54:21.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:54:51.772Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5235 (GCVE-0-2019-5235)

    Vulnerability from cvelistv5 – Published: 2019-12-13 23:09 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
    Severity
    No CVSS data available.
    CWE
    • null pointer dereference
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B Affected: Version
    Affected: 9.1.0.206(C00E205R3P1)
    Affected: 9.0.1.5(C735R1)
    Affected: 9.1.0.1(C00R3)
    Affected: 9.1.0.206
    Affected: 9.0.1.162(C01E160R2P3)
    Affected: 8.2.0.170(C861)
    Affected: 8.2.0.188(C00R2P1)
    Affected: 8.2.0.163(C605)
    Affected: 8.2.0.160(C185)
    Affected: 8.2.0.156(C636R2P2)
    Affected: 8.2.0.152(C45CUSTC45D1)
    Affected: 8.2.0.162(C605)
    Affected: 8.2.0.175(C00R2P4)
    Affected: 8.2.0.190(C788R1P16)
    Affected: 8.2.0.161(C675CUSTC675D1)
    Affected: 8.2.0.165(C00R1P16)
    Affected: 8.2.0.130(C461R1P1)
    Affected: 8.2.0.130(C652CUSTC652D1)
    Affected: 8.2.0.131(C10R2P2)
    Affected: 8.2.0.136(C432CUSTC432D1)
    Affected: 8.2.0.101(C10CUSTC10D1)
    Affected: 8.2.0.101(C432CUSTC432D1)
    Affected: 8.2.0.131(C55CUSTC55D1)
    Affected: 8.2.0.105(C185R1P1)
    Affected: 8.2.0.107(C636R2P1)
    Affected: 8.2.0.103(C652CUSTC652D1)
    Affected: 8.2.0.105(C185R2P1)
    Affected: 8.2.0.130(C636CUSTC636D2)
    Affected: 8.2.0.133(C605CUSTC605D1)
    Affected: 8.2.0.155(C675R2P1)
    Affected: 8.2.0.110(C652CUSTC652D1)
    Affected: 8.2.0.100(C541CUSTC541D1)
    Affected: 8.2.0.165(C01R1P16)
    Affected: 9.1.0.208(C00E205R3P1)
    Affected: 9.1.0.162(C00E160R2P1)
    Affected: 9.1.0.12(C00R1)
    Affected: 9.1.0.4(C735R1)
    Affected: 9.1.0.162
    Affected: 9.1.0.161
    Affected: 9.1.0.162(C01E160R2P1)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.874Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Version"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.206(C00E205R3P1)"
                },
                {
                  "status": "affected",
                  "version": "9.0.1.5(C735R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.1(C00R3)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.206"
                },
                {
                  "status": "affected",
                  "version": "9.0.1.162(C01E160R2P3)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.170(C861)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.188(C00R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.163(C605)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.160(C185)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.156(C636R2P2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.152(C45CUSTC45D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.162(C605)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.175(C00R2P4)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.190(C788R1P16)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.161(C675CUSTC675D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.165(C00R1P16)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C461R1P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.131(C10R2P2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.136(C432CUSTC432D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.101(C10CUSTC10D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.101(C432CUSTC432D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.131(C55CUSTC55D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.105(C185R1P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.107(C636R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.103(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.105(C185R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.130(C636CUSTC636D2)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.133(C605CUSTC605D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.155(C675R2P1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.110(C652CUSTC652D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.100(C541CUSTC541D1)"
                },
                {
                  "status": "affected",
                  "version": "8.2.0.165(C01R1P16)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.208(C00E205R3P1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162(C00E160R2P1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.12(C00R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.4(C735R1)"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.161"
                },
                {
                  "status": "affected",
                  "version": "9.1.0.162(C01E160R2P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "null pointer dereference",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-13T23:09:32.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5235",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Version"
                              },
                              {
                                "version_value": "9.1.0.206(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.0.1.5(C735R1)"
                              },
                              {
                                "version_value": "9.1.0.1(C00R3)"
                              },
                              {
                                "version_value": "9.1.0.206(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.206"
                              },
                              {
                                "version_value": "9.0.1.162(C01E160R2P3)"
                              },
                              {
                                "version_value": "8.2.0.170(C861)"
                              },
                              {
                                "version_value": "8.2.0.188(C00R2P1)"
                              },
                              {
                                "version_value": "8.2.0.163(C605)"
                              },
                              {
                                "version_value": "8.2.0.160(C185)"
                              },
                              {
                                "version_value": "8.2.0.156(C636R2P2)"
                              },
                              {
                                "version_value": "8.2.0.152(C45CUSTC45D1)"
                              },
                              {
                                "version_value": "8.2.0.162(C605)"
                              },
                              {
                                "version_value": "8.2.0.175(C00R2P4)"
                              },
                              {
                                "version_value": "8.2.0.190(C788R1P16)"
                              },
                              {
                                "version_value": "8.2.0.161(C675CUSTC675D1)"
                              },
                              {
                                "version_value": "8.2.0.165(C00R1P16)"
                              },
                              {
                                "version_value": "8.2.0.130(C461R1P1)"
                              },
                              {
                                "version_value": "8.2.0.130(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.131(C10R2P2)"
                              },
                              {
                                "version_value": "8.2.0.136(C432CUSTC432D1)"
                              },
                              {
                                "version_value": "8.2.0.101(C10CUSTC10D1)"
                              },
                              {
                                "version_value": "8.2.0.101(C432CUSTC432D1)"
                              },
                              {
                                "version_value": "8.2.0.131(C55CUSTC55D1)"
                              },
                              {
                                "version_value": "8.2.0.105(C185R1P1)"
                              },
                              {
                                "version_value": "8.2.0.107(C636R2P1)"
                              },
                              {
                                "version_value": "8.2.0.103(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.105(C185R2P1)"
                              },
                              {
                                "version_value": "8.2.0.107(C636R2P1)"
                              },
                              {
                                "version_value": "8.2.0.130(C636CUSTC636D2)"
                              },
                              {
                                "version_value": "8.2.0.133(C605CUSTC605D1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.110(C652CUSTC652D1)"
                              },
                              {
                                "version_value": "8.2.0.155(C675R2P1)"
                              },
                              {
                                "version_value": "8.2.0.100(C541CUSTC541D1)"
                              },
                              {
                                "version_value": "8.2.0.165(C01R1P16)"
                              },
                              {
                                "version_value": "8.2.0.100(C541CUSTC541D1)"
                              },
                              {
                                "version_value": "9.1.0.208(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.208(C00E205R3P1)"
                              },
                              {
                                "version_value": "9.1.0.162(C00E160R2P1)"
                              },
                              {
                                "version_value": "9.1.0.12(C00R1)"
                              },
                              {
                                "version_value": "9.1.0.4(C735R1)"
                              },
                              {
                                "version_value": "9.1.0.162(C00E160R2P1)"
                              },
                              {
                                "version_value": "9.1.0.12(C00R1)"
                              },
                              {
                                "version_value": "9.1.0.162"
                              },
                              {
                                "version_value": "9.1.0.161"
                              },
                              {
                                "version_value": "9.1.0.162(C01E160R2P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "null pointer dereference"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5235",
        "datePublished": "2019-12-13T23:09:32.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.874Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-5246 (GCVE-0-2019-5246)

    Vulnerability from cvelistv5 – Published: 2019-11-12 23:14 – Updated: 2024-08-04 19:47
    VLAI
    Summary
    Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution.
    Severity
    No CVSS data available.
    CWE
    • Insufficient Verification
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a ELLE-AL00B Affected: 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:47:56.917Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-codeexecution-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ELLE-AL00B",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Insufficient Verification",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-12T23:14:53.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-codeexecution-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-5246",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ELLE-AL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Insufficient Verification"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-codeexecution-en",
                  "refsource": "MISC",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-01-codeexecution-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-5246",
        "datePublished": "2019-11-12T23:14:53.000Z",
        "dateReserved": "2019-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T19:47:56.917Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }