CVE-2019-7386
Nokia 8810 Denial Of Service
Severity Score
6.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
4
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the remote code execution on the device.
Se ha descubierto un problema de denegación de servicio (DoS) en el componente Gecko de KaiOS 2.5 10.05 (plataforma 48.0.a2) en dispositivos Nokia 8810 4G. Cuando un sitio web manipulado se visita con el navegador interno, el proceso Gecko se cierra inesperadamente con un segfault. Si se explota con éxito, podría conducir a la ejecución remota de código en el dispositivo.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-02-04 CVE Reserved
- 2019-02-13 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- 2024-08-07 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.breakthesec.com | Not Applicable | |
| http://www.breakthesec.com/search/label/0day | Not Applicable |
| URL | Date | SRC |
|---|---|---|
| http://packetstormsecurity.com/files/151651/Nokia-8810-Denial-Of-Service.html | 2024-08-04 | |
| http://seclists.org/fulldisclosure/2019/Feb/35 | 2024-08-04 | |
| https://s3curityb3ast.github.io | 2024-08-04 | |
| https://s3curityb3ast.github.io/KSA-Dev-007.md | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Kaiostech Search vendor "Kaiostech" | Kaios Search vendor "Kaiostech" for product "Kaios" | 2.5 Search vendor "Kaiostech" for product "Kaios" and version "2.5" | - |
Affected
| in | Nokia Search vendor "Nokia" | 8810 4g Search vendor "Nokia" for product "8810 4g" | - | - |
Safe
|
| Nokia Search vendor "Nokia" | 8810 4g Firmware Search vendor "Nokia" for product "8810 4g Firmware" | 10.05 Search vendor "Nokia" for product "8810 4g Firmware" and version "10.05" | - |
Affected
| in | Nokia Search vendor "Nokia" | 8810 4g Search vendor "Nokia" for product "8810 4g" | - | - |
Safe
|