Vulnerabilities > CVE-2019-7386

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

kaiostech

nokia

NVD

Published: 2019-03-21

Updated: 2020-08-24

Summary

A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the remote code execution on the device.

Vulnerable Configurations

Part	Description	Count
OS	Kaiostech Kaiostech Kaios 2.5	1
OS	Nokia Nokia 8810 4G Firmware 10.05	1
Hardware	Nokia Nokia 8810 4G -	1

Packetstorm

data source	https://packetstormsecurity.com/files/download/151651/KSA-DEV-007.txt
id	PACKETSTORM:151651
last seen	2019-02-14
published	2019-02-13
reporter	Kaustubh G. Padwad
source	https://packetstormsecurity.com/files/151651/Nokia-8810-Denial-Of-Service.html
title	Nokia 8810 Denial Of Service

Vulnerabilities > CVE-2019-7386 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2019-7386"}]}

Summary

Vulnerable Configurations

Packetstorm

References

Vulnerabilities > CVE-2019-7386