CVE-2019-5276: Buffer Overflow
First published: Mon Dec 23 2019(Updated: )
Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei elle-al00b | <9.1.0.222\(c00e220r2p1\) | |
| Huawei elle-al00b firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-5276?
CVE-2019-5276 is considered a serious vulnerability due to the potential for exploitation that can disrupt normal phone operation.
How do I fix CVE-2019-5276?
To fix CVE-2019-5276, users should update their Huawei smartphone to version ELLE-AL00B 9.1.0.222(C00E220R2P1) or later.
What type of vulnerability is CVE-2019-5276?
CVE-2019-5276 is classified as a buffer overflow vulnerability.
Who is affected by CVE-2019-5276?
CVE-2019-5276 affects Huawei smartphones running versions earlier than ELLE-AL00B 9.1.0.222(C00E220R2P1).
What can attackers do with CVE-2019-5276?
Attackers can exploit CVE-2019-5276 to intercept and tamper with network packets, potentially causing the affected phone to behave abnormally.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei elle-al00b
- canonical/huawei elle-al00b firmware