ID

VAR-201912-0800


CVE

CVE-2019-5235


TITLE

plural Huawei In smartphone products NULL Pointer dereference vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-013429

DESCRIPTION

Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal. plural Huawei For smartphone products, NULL A vulnerability related to pointer dereference exists.Service operation interruption (DoS) There is a possibility of being put into a state. Huawei Harry-AL00C and others are all smartphones from China's Huawei. A number of Huawei products have security vulnerabilities

Trust: 2.16

sources: NVD: CVE-2019-5235 // JVNDB: JVNDB-2019-013429 // CNVD: CNVD-2019-44950

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-44950

AFFECTED PRODUCTS

vendor:huaweimodel:johnson-l21d 8.2.0.101scope: - version: -

Trust: 1.2

vendor:huaweimodel:johnson-l21c 8.2.0.130scope: - version: -

Trust: 1.2

vendor:huaweimodel:columbia-l29dscope:eqversion:8.1.0.148\(c185\)

Trust: 1.0

vendor:huaweimodel:ever-al00bscope:eqversion:9.0.0.195\(c00e195r2p1\)

Trust: 1.0

vendor:huaweimodel:jackman-l23scope:eqversion:8.2.0.162\(c605\)

Trust: 1.0

vendor:huaweimodel:ever-l29bscope:eqversion:9.0.0.207\(c636e3r2p1\)

Trust: 1.0

vendor:huaweimodel:johnson-l42iescope:eqversion:8.2.0.155\(c675r2p1\)

Trust: 1.0

vendor:huaweimodel:harry-al10bscope:eqversion: -

Trust: 1.0

vendor:huaweimodel:johnson-l21dscope:eqversion:8.2.0.131\(c55custc55d1\)

Trust: 1.0

vendor:huaweimodel:columbia-l29dscope:eqversion:8.1.0.146\(c461\)

Trust: 1.0

vendor:huaweimodel:columbia-al10bscope:eqversion:8.1.0.163\(c00\)

Trust: 1.0

vendor:huaweimodel:jackman-l23scope:eqversion:8.2.0.152\(c45custc45d1\)

Trust: 1.0

vendor:huaweimodel:johnson-tl00fscope:eqversion:8.2.0.100\(c541custc541d1\)

Trust: 1.0

vendor:huaweimodel:potter-al00cscope:eqversion:9.1.0.208\(c00e205r3p1\)

Trust: 1.0

vendor:huaweimodel:emily-al00ascope:eqversion:8.1.0.190\(c00\)

Trust: 1.0

vendor:huaweimodel:jackman-l22scope:eqversion:8.2.0.156\(c636r2p2\)

Trust: 1.0

vendor:huaweimodel:vogue-al10cscope:eqversion:9.1.0.162\(c00e160r2p1\)

Trust: 1.0

vendor:huaweimodel:johnson-l21cscope:eqversion:8.2.0.136\(c432custc432d1\)

Trust: 1.0

vendor:huaweimodel:neo-al00dscope:eqversion:8.1.0.175\(c786\)

Trust: 1.0

vendor:huaweimodel:johnson-l21cscope:eqversion:8.2.0.130\(c461r1p1\)

Trust: 1.0

vendor:huaweimodel:charlotte-tl00bscope:eqversion:8.1.0.176\(c01\)

Trust: 1.0

vendor:huaweimodel:harry-tl00cscope:eqversion:9.0.1.162\(c01e160r2p3\)

Trust: 1.0

vendor:huaweimodel:johnson-l23cscope:eqversion:8.2.0.133\(c605custc605d1\)

Trust: 1.0

vendor:huaweimodel:jackman-l21scope:eqversion:8.2.0.160\(c185\)

Trust: 1.0

vendor:huaweimodel:columbia-al10iscope:eqversion:8.1.0.150\(c675custc675d2\)

Trust: 1.0

vendor:huaweimodel:johnson-l21dscope:eqversion:8.2.0.101\(c432custc432d1\)

Trust: 1.0

vendor:huaweimodel:johnson-tl00dscope:eqversion:8.2.0.100\(c541custc541d1\)

Trust: 1.0

vendor:huaweimodel:ever-l29bscope:eqversion:9.0.0.206\(c185e3r3p1\)

Trust: 1.0

vendor:huaweimodel:johnson-l22dscope:eqversion:8.2.0.107\(c636r2p1\)

Trust: 1.0

vendor:huaweimodel:tony-tl00bscope:eqversion:9.1.0.206\(c01e200r2p3\)

Trust: 1.0

vendor:huaweimodel:vogue-tl00bscope:eqversion:9.1.0.162\(c01e160r2p1\)

Trust: 1.0

vendor:huaweimodel:emily-tl00bscope:eqversion:8.1.0.175\(c01\)

Trust: 1.0

vendor:huaweimodel:alp-al00bscope:eqversion:8.0.0.153\(c00\)

Trust: 1.0

vendor:huaweimodel:ever-l29bscope:eqversion:9.0.0.208\(c432e3r1p12\)

Trust: 1.0

vendor:huaweimodel:columbia-l29dscope:eqversion:8.1.0.151\(c432\)

Trust: 1.0

vendor:huaweimodel:johnson-l23cscope:eqversion:8.2.0.130\(c636custc636d2\)

Trust: 1.0

vendor:huaweimodel:johnson-tl00dscope:eqversion:8.2.0.165\(c01r1p16\)

Trust: 1.0

vendor:huaweimodel:johnson-l21dscope:eqversion:8.2.0.101\(c10custc10d1\)

Trust: 1.0

vendor:huaweimodel:princeton-al10bscope:eqversion:9.1.0.211\(c00e203r2p2\)

Trust: 1.0

vendor:huaweimodel:vogue-al00a-preloadscope:eqversion:9.1.0.12\(c00r1\)

Trust: 1.0

vendor:huaweimodel:johnson-l21cscope:eqversion:8.2.0.131\(c10r2p2\)

Trust: 1.0

vendor:huaweimodel:princeton-al10dscope:eqversion:9.1.0.212\(c00e204r2p2\)

Trust: 1.0

vendor:huaweimodel:vogue-al10c-preloadscope:eqversion:9.1.0.12\(c00r1\)

Trust: 1.0

vendor:huaweimodel:harry-al00cscope:eqversion:9.1.0.206\(c00e205r3p1\)

Trust: 1.0

vendor:huaweimodel:johnson-l22dscope:eqversion:8.2.0.105\(c185r2p1\)

Trust: 1.0

vendor:huaweimodel:bla-tl00bscope:eqversion:8.0.0.129\(sp2c01\)

Trust: 1.0

vendor:huaweimodel:laya-al00epscope:eqversion:9.0.0.201\(c786e200r2p1\)

Trust: 1.0

vendor:huaweimodel:johnson-al00icscope:eqversion:8.2.0.161\(c675custc675d1\)

Trust: 1.0

vendor:huaweimodel:johnson-l42ifscope:eqversion:8.2.0.155\(c675r2p1\)

Trust: 1.0

vendor:huaweimodel:columbia-tl00dscope:eqversion:8.1.0.186\(c01gt\)

Trust: 1.0

vendor:huaweimodel:harry-al10bscope:eqversion:9.1.0.206\(c00e205r3p1\)

Trust: 1.0

vendor:huaweimodel:princeton-al10iscope:eqversion:9.0.1.150\(c675e9r1p4\)

Trust: 1.0

vendor:huaweimodel:princeton-tl10cscope:eqversion:9.1.0.211\(c01e203r2p2\)

Trust: 1.0

vendor:huaweimodel:alp-tl00bscope:eqversion:8.0.0.129\(sp2c01\)

Trust: 1.0

vendor:huaweimodel:elle-tl00bscope:eqversion:9.1.0.162\(c01e160r2p1\)

Trust: 1.0

vendor:huaweimodel:bla-al00bscope:eqversion:8.0.0.153\(c00\)

Trust: 1.0

vendor:huaweimodel:bla-al00bscope:eqversion:8.0.0.129\(sp2c786\)

Trust: 1.0

vendor:huaweimodel:hima-al00bscope:eqversion:9.0.0.200\(c00e200r2p1\)

Trust: 1.0

vendor:huaweimodel:tony-al00bscope:eqversion:9.1.0.206\(c00e200r2p3\)

Trust: 1.0

vendor:huaweimodel:charlotte-al00ascope:eqversion:8.1.0.176\(c00\)

Trust: 1.0

vendor:huaweimodel:elle-al00bscope:eqversion:9.1.0.162\(c00e160r2p1\)

Trust: 1.0

vendor:huaweimodel:johnson-al10cscope:eqversion:8.2.0.165\(c00r1p16\)

Trust: 1.0

vendor:huaweimodel:vogue-al00ascope:eqversion:9.1.0.162\(c00e160r2p1\)

Trust: 1.0

vendor:huaweimodel:johnson-l42icscope:eqversion:8.2.0.155\(c675r2p1\)

Trust: 1.0

vendor:huaweimodel:johnson-l22cscope:eqversion:8.2.0.107\(c636r2p1\)

Trust: 1.0

vendor:huaweimodel:columbia-l29dscope:eqversion:8.1.0.151\(c10\)

Trust: 1.0

vendor:huaweimodel:johnson-l22cscope:eqversion:8.2.0.105\(c185r1p1\)

Trust: 1.0

vendor:huaweimodel:potter-al10ascope:eqversion:9.1.0.208\(c00e205r3p1\)

Trust: 1.0

vendor:huaweimodel:alp-al00bscope: - version: -

Trust: 0.8

vendor:huaweimodel:alp-tl00bscope: - version: -

Trust: 0.8

vendor:huaweimodel:bla-al00bscope: - version: -

Trust: 0.8

vendor:huaweimodel:bla-tl00bscope: - version: -

Trust: 0.8

vendor:huaweimodel:charlotte al00ascope: - version: -

Trust: 0.8

vendor:huaweimodel:charlotte tl00bscope: - version: -

Trust: 0.8

vendor:huaweimodel:columbia al10bscope: - version: -

Trust: 0.8

vendor:huaweimodel:columbia al10iscope: - version: -

Trust: 0.8

vendor:huaweimodel:columbia l29dscope: - version: -

Trust: 0.8

vendor:huaweimodel:columbia tl00dscope: - version: -

Trust: 0.8

vendor:huaweimodel:vogue-al10c 9.1.0.162scope: - version: -

Trust: 0.6

vendor:huaweimodel:vogue-al10c-preload 9.1.0.12scope: - version: -

Trust: 0.6

vendor:huaweimodel:vogue-lgrp1-chnscope: - version: -

Trust: 0.6

vendor:huaweimodel:vogue-lgrp2-ovsscope:eqversion:9.1.0.161

Trust: 0.6

vendor:huaweimodel:vogue-tl00b 9.1.0.162scope: - version: -

Trust: 0.6

vendor:huaweimodel:vogue-al00a-preload 9.1.0.12scope: - version: -

Trust: 0.6

vendor:huaweimodel:vogue-al00a-preload 9.1.0.4scope: - version: -

Trust: 0.6

vendor:huaweimodel:vogue-al00a 9.1.0.162scope: - version: -

Trust: 0.6

vendor:huaweimodel:potter-al10a 9.1.0.208scope: - version: -

Trust: 0.6

vendor:huaweimodel:potter-al00c 9.1.0.208scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-tl00f 8.2.0.100scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-tl00d 8.2.0.100scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-tl00d 8.2.0.165scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l42if 8.2.0.110scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l42if 8.2.0.155scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l42ie 8.2.0.155scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l42ic 8.2.0.155scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l23c 8.2.0.130scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l23c 8.2.0.133scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l22d 8.2.0.103scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l22d 8.2.0.105scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l22d 8.2.0.107scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l22c 8.2.0.105scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l22c 8.2.0.107scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l21d 8.2.0.131scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l21c 8.2.0.131scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-l21c 8.2.0.136scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-al10c 8.2.0.165scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-al00ic 8.2.0.161scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-al00c 8.2.0.175scope: - version: -

Trust: 0.6

vendor:huaweimodel:johnson-al00c 8.2.0.190scope: - version: -

Trust: 0.6

vendor:huaweimodel:jackman-l23 8.2.0.152scope: - version: -

Trust: 0.6

vendor:huaweimodel:jackman-l23 8.2.0.162scope: - version: -

Trust: 0.6

vendor:huaweimodel:jackman-l22 8.2.0.156scope: - version: -

Trust: 0.6

vendor:huaweimodel:jackman-l21 8.2.0.160scope: - version: -

Trust: 0.6

vendor:huaweimodel:jackman-l03 8.2.0.163scope: - version: -

Trust: 0.6

vendor:huaweimodel:jackman-al00d 8.2.0.170scope: - version: -

Trust: 0.6

vendor:huaweimodel:jackman-al00d 8.2.0.188scope: - version: -

Trust: 0.6

vendor:huaweimodel:harry-tl00c 9.0.1.162scope: - version: -

Trust: 0.6

vendor:huaweimodel:harry-lgrp1-chnscope:eqversion:9.1.0.206

Trust: 0.6

vendor:huaweimodel:harry-al10b 9.1.0.206scope: - version: -

Trust: 0.6

vendor:huaweimodel:harry-al00c-preload 9.0.1.5scope: - version: -

Trust: 0.6

vendor:huaweimodel:harry-al00c-preload 9.1.0.1scope: - version: -

Trust: 0.6

vendor:huaweimodel:harry-al00c 9.1.0.206scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2019-44950 // JVNDB: JVNDB-2019-013429 // NVD: CVE-2019-5235

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-5235
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-5235
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-44950
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201908-1739
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2019-5235
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-44950
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2019-5235
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2019-5235
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2019-44950 // JVNDB: JVNDB-2019-013429 // CNNVD: CNNVD-201908-1739 // NVD: CVE-2019-5235

PROBLEMTYPE DATA

problemtype:CWE-476

Trust: 1.8

sources: JVNDB: JVNDB-2019-013429 // NVD: CVE-2019-5235

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-1739

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-201908-1739

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-013429

PATCH

title:huawei-sa-20190821-01-smartphoneurl:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en

Trust: 0.8

title:Patch for Unknown vulnerabilities in multiple Huawei productsurl:https://www.cnvd.org.cn/patchInfo/show/193797

Trust: 0.6

title:Multiple Huawei Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97323

Trust: 0.6

sources: CNVD: CNVD-2019-44950 // JVNDB: JVNDB-2019-013429 // CNNVD: CNNVD-201908-1739

EXTERNAL IDS

db:NVDid:CVE-2019-5235

Trust: 3.0

db:JVNDBid:JVNDB-2019-013429

Trust: 0.8

db:CNVDid:CNVD-2019-44950

Trust: 0.6

db:CNNVDid:CNNVD-201908-1739

Trust: 0.6

sources: CNVD: CNVD-2019-44950 // JVNDB: JVNDB-2019-013429 // CNNVD: CNNVD-201908-1739 // NVD: CVE-2019-5235

REFERENCES

url:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2019-5235

Trust: 1.4

url:https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190821-01-smartphone-cn

Trust: 1.2

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5235

Trust: 0.8

sources: CNVD: CNVD-2019-44950 // JVNDB: JVNDB-2019-013429 // CNNVD: CNNVD-201908-1739 // NVD: CVE-2019-5235

CREDITS

The vulnerability was discovered by Huawei internal testing.

Trust: 0.6

sources: CNNVD: CNNVD-201908-1739

SOURCES

db:CNVDid:CNVD-2019-44950
db:JVNDBid:JVNDB-2019-013429
db:CNNVDid:CNNVD-201908-1739
db:NVDid:CVE-2019-5235

LAST UPDATE DATE

2024-11-23T22:55:20.022000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-44950date:2019-12-11T00:00:00
db:JVNDBid:JVNDB-2019-013429date:2020-01-06T00:00:00
db:CNNVDid:CNNVD-201908-1739date:2019-12-24T00:00:00
db:NVDid:CVE-2019-5235date:2024-11-21T04:44:34.617

SOURCES RELEASE DATE

db:CNVDid:CNVD-2019-44950date:2019-12-11T00:00:00
db:JVNDBid:JVNDB-2019-013429date:2020-01-06T00:00:00
db:CNNVDid:CNNVD-201908-1739date:2019-08-21T00:00:00
db:NVDid:CVE-2019-5235date:2019-12-14T00:15:10.977