Details of VAR-200203-0070

ID

VAR-200203-0070

CVE

CVE-2002-0122

TITLE

Siemens Mobile Phone Short Message Denial of Service Attack Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2002-0057

DESCRIPTION

Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters. Siemens has a certain number of user groups for the production of various types of mobile phone products. Some models of Siemens phones have problems with the short message processing function. Malicious attackers can use this vulnerability to make the phone unable to receive short messages. When the mobile phone receives SMS short messages that contain certain illegal characters, the mobile phone will shut down by mistake when trying to view these messages. Because some models of mobile phones can only be viewed before deleting, these malicious short messages cannot be deleted. When the receiving queue of the mobile phone is filled with malicious short messages, the mobile phone cannot continue to receive short messages. If enough messages are sent, SMS functionality may be completely denied

Trust: 1.71

sources: NVD: CVE-2002-0122 // CNVD: CNVD-2002-0057 // BID: 3870

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2002-0057

AFFECTED PRODUCTS

vendor:	siemens	model:	3568i wap	scope:	eq	version:	0.0	Trust: 1.6
vendor:	none	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	3568i wap	scope:	-	version:	-	Trust: 0.3
vendor:	siemens	model:	sl45/6688	scope:	ne	version:	-	Trust: 0.3

sources: CNVD: CNVD-2002-0057 // BID: 3870 // CNNVD: CNNVD-200203-084 // NVD: CVE-2002-0122

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-0122
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200203-084
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2002-0122
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0

sources: CNNVD: CNNVD-200203-084 // NVD: CVE-2002-0122

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0122

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200203-084

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200203-084

EXTERNAL IDS

db:	NVD	id:	CVE-2002-0122	Trust: 2.5
db:	BID	id:	3870	Trust: 1.9
db:	CNVD	id:	CNVD-2002-0057	Trust: 0.6
db:	XF	id:	7902	Trust: 0.6
db:	BUGTRAQ	id:	20020114 SIEMENS MOBIE SMS EXCEPTIONAL CHARACTER VULNERABILITY	Trust: 0.6
db:	CNNVD	id:	CNNVD-200203-084	Trust: 0.6

sources: CNVD: CNVD-2002-0057 // BID: 3870 // CNNVD: CNNVD-200203-084 // NVD: CVE-2002-0122

REFERENCES

url:	http://online.securityfocus.com/archive/1/250115	Trust: 1.6
url:	http://www.iss.net/security_center/static/7902.php	Trust: 1.6
url:	http://www.securityfocus.com/bid/3870	Trust: 1.6
url:	http://www.siemens.com/page/1,3771,257605-1-999_0_0-0,00.html	Trust: 0.3
url:	http://www.siemens.com/page/1,3771,257599-1-999_0_0-0,00.html	Trust: 0.3

sources: BID: 3870 // CNNVD: CNNVD-200203-084 // NVD: CVE-2002-0122

CREDITS

benjurry※ benjurry@263.net

Trust: 0.6

sources: CNNVD: CNNVD-200203-084

SOURCES

db:	CNVD	id:	CNVD-2002-0057
db:	BID	id:	3870
db:	CNNVD	id:	CNNVD-200203-084
db:	NVD	id:	CVE-2002-0122

LAST UPDATE DATE

2025-04-03T22:16:56.762000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2002-0057	date:	2002-01-17T00:00:00
db:	BID	id:	3870	date:	2009-07-11T09:56:00
db:	CNNVD	id:	CNNVD-200203-084	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2002-0122	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2002-0057	date:	2002-01-14T00:00:00
db:	BID	id:	3870	date:	2002-01-13T00:00:00
db:	CNNVD	id:	CNNVD-200203-084	date:	2002-01-14T00:00:00
db:	NVD	id:	CVE-2002-0122	date:	2002-03-25T05:00:00