CVE-2019-5235

CVSS V2 Medium 5 CVSS V3 Medium 5.3
Description
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
Overview
  • CVE ID
  • CVE-2019-5235
  • Assigner
  • psirt@huawei.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2019-12-14T00:15:10
  • Last Modified Date
  • 2019-12-23T18:32:00
Weakness Enumerations
CWE URL
CWE-476 http://cwe.mitre.org/data/definitions/476.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.153\(c00\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:alp-tl00b_firmware:8.0.0.129\(sp2c01\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:alp-tl00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:bla-al00b_firmware:8.0.0.129\(sp2c786\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:bla-al00b_firmware:8.0.0.153\(c00\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:bla-al00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.129\(sp2c01\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.176\(c00\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:charlotte-al00a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:charlotte-tl00b_firmware:8.1.0.176\(c01\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:charlotte-tl00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:columbia-al10b_firmware:8.1.0.163\(c00\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:columbia-al10i_firmware:8.1.0.150\(c675custc675d2\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:columbia-al10i:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:columbia-l29d_firmware:8.1.0.146\(c461\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:columbia-l29d_firmware:8.1.0.148\(c185\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:columbia-l29d_firmware:8.1.0.151\(c10\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:columbia-l29d_firmware:8.1.0.151\(c432\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:columbia-tl00d_firmware:8.1.0.186\(c01gt\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:columbia-tl00d:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:elle-al00b_firmware:9.1.0.162\(c00e160r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:elle-al00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:elle-tl00b_firmware:9.1.0.162\(c01e160r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:elle-tl00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.190\(c00\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:emily-al00a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:emily-tl00b_firmware:8.1.0.175\(c01\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:emily-tl00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:ever-al00b_firmware:9.0.0.195\(c00e195r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:ever-al00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:ever-l29b_firmware:9.0.0.206\(c185e3r3p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:ever-l29b_firmware:9.0.0.207\(c636e3r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:ever-l29b_firmware:9.0.0.208\(c432e3r1p12\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:harry-al00c_firmware:9.1.0.206\(c00e205r3p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:harry-al00c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:harry-al10b_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:harry-al10b_firmware:9.1.0.206\(c00e205r3p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:harry-al10b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:harry-tl00c_firmware:9.0.1.162\(c01e160r2p3\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:harry-tl00c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:hima-al00b_firmware:9.0.0.200\(c00e200r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:hima-al00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:jackman-l21_firmware:8.2.0.160\(c185\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:jackman-l21:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:jackman-l22_firmware:8.2.0.156\(c636r2p2\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:jackman-l22:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:jackman-l23_firmware:8.2.0.152\(c45custc45d1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:jackman-l23_firmware:8.2.0.162\(c605\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:jackman-l23:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-al00ic_firmware:8.2.0.161\(c675custc675d1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-al00ic:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-al10c_firmware:8.2.0.165\(c00r1p16\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-al10c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-l21c_firmware:8.2.0.130\(c461r1p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:johnson-l21c_firmware:8.2.0.131\(c10r2p2\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:johnson-l21c_firmware:8.2.0.136\(c432custc432d1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-l21c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-l21d_firmware:8.2.0.101\(c10custc10d1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:johnson-l21d_firmware:8.2.0.101\(c432custc432d1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:johnson-l21d_firmware:8.2.0.131\(c55custc55d1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-l21d:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-l22c_firmware:8.2.0.105\(c185r1p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:johnson-l22c_firmware:8.2.0.107\(c636r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-l22c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-l22d_firmware:8.2.0.105\(c185r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:johnson-l22d_firmware:8.2.0.107\(c636r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-l22d:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-l23c_firmware:8.2.0.130\(c636custc636d2\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:johnson-l23c_firmware:8.2.0.133\(c605custc605d1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-l23c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-l42ic_firmware:8.2.0.155\(c675r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-l42ic:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-l42ie_firmware:8.2.0.155\(c675r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-l42ie:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-l42if_firmware:8.2.0.155\(c675r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-l42if:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-tl00d_firmware:8.2.0.100\(c541custc541d1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:o:huawei:johnson-tl00d_firmware:8.2.0.165\(c01r1p16\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-tl00d:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:johnson-tl00f_firmware:8.2.0.100\(c541custc541d1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:johnson-tl00f:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:laya-al00ep_firmware:9.0.0.201\(c786e200r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:neo-al00d_firmware:8.1.0.175\(c786\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:neo-al00d:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:potter-al00c_firmware:9.1.0.208\(c00e205r3p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:potter-al00c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:potter-al10a_firmware:9.1.0.208\(c00e205r3p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:potter-al10a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:princeton-al10b_firmware:9.1.0.211\(c00e203r2p2\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:princeton-al10d_firmware:9.1.0.212\(c00e204r2p2\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:princeton-al10i_firmware:9.0.1.150\(c675e9r1p4\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:princeton-al10i:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:princeton-tl10c_firmware:9.1.0.211\(c01e203r2p2\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:princeton-tl10c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:tony-al00b_firmware:9.1.0.206\(c00e200r2p3\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:tony-tl00b_firmware:9.1.0.206\(c01e200r2p3\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:vogue-al00a_firmware:9.1.0.162\(c00e160r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:vogue-al00a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:vogue-al00a-preload_firmware:9.1.0.12\(c00r1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:vogue-al00a-preload:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:vogue-al10c_firmware:9.1.0.162\(c00e160r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:vogue-al10c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:vogue-al10c-preload_firmware:9.1.0.12\(c00r1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:vogue-al10c-preload:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:huawei:vogue-tl00b_firmware:9.1.0.162\(c01e160r2p1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:huawei:vogue-tl00b:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:N/I:N/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • NONE
  • Integrity Impact
  • NONE
  • Availability Impact
  • PARTIAL
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • NONE
  • Availability Impact
  • LOW
  • Base Score
  • 5.3
  • Base Severity
  • MEDIUM
  • Exploitability Score
  • 3.9
  • Impact Score
  • 1.4
References
Reference URL Reference Tags
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en Vendor Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2019-5235
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5235
History
Created Old Value New Value Data Type Notes
2022-05-10 16:56:01 Added to TrackCVE
2022-12-04 07:54:13 2019-12-14T00:15Z 2019-12-14T00:15:10 CVE Published Date updated
2022-12-04 07:54:13 2019-12-23T18:32:00 CVE Modified Date updated
2022-12-04 07:54:13 Analyzed Vulnerability Status updated