Home

CVE-2019-5246

Description

Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution.

Risk Information

Base Score
6.2
MODERATE
Vector
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.024

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2019-5246 ,CVE-2019-5276 are affected in elle-al00b_firmware 9.1.0.162(c00e160r2p1)NCM
Vulnerabilities CVE-2019-5246 ,CVE-2019-5276 are affected in elle-al00b_firmware 9.1.0.155(c00e150r1p21)NCM
Vulnerabilities CVE-2019-5246 ,CVE-2019-5276 are affected in elle-al00b_firmware 9.1.0.153(c00e150r1p21)NCM
Vulnerabilities CVE-2019-5246 ,CVE-2019-5276 are affected in elle-al00b_firmware 9.1.0.135(c00e130r1p21)NCM
Vulnerabilities CVE-2019-5246 ,CVE-2019-5276 are affected in elle-al00b_firmware 9.1.0.125(c00e120r1p21)NCM
Vulnerabilities CVE-2019-5246 ,CVE-2019-5276 are affected in elle-al00b_firmware 9.1.0.113(c00e110r1p21)NCM
Vulnerabilities CVE-2019-5246 ,CVE-2019-5276 are affected in elle-al00b_firmware 9.1.0.109(c00e106r1p21)NCM
Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-5246)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234