CVE-2019-19412
https://notcve.org/view.php?id=CVE-2019-19412
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en. Algunos teléfonos inteligentes Huawei presentan una vulnerabilidad de seguridad que omite la Factory Reset Protection (FRP). Cuando se reconfigura el teléfono móvil con la función factory reset protection (FRP), un atacante inicia sesión en el modo Talkback y puede llevar a cabo algunas operaciones para instalar una aplicación de terceros. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en •
CVE-2019-5303
https://notcve.org/view.php?id=CVE-2019-5303
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVE-2019-5302
https://notcve.org/view.php?id=CVE-2019-5302
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVE-2018-7922
https://notcve.org/view.php?id=CVE-2018-7922
Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. An attacker tricks the user who has root privilege to install a crafted application, the application may modify the specific data to exploit the vulnerability. Successful exploit could allow the attacker to execute arbitrary code. Los smartphones Huawei ALP-L09 en versiones anteriores a la ALP-L09 8.0.0.150(C432) tienen una vulnerabilidad de validación de entradas insuficiente debido a la falta de comprobación de parámetros. Un atacante engaña al usuario que tiene privilegios root para que instale una aplicación manipulada, que podría modificar los datos específicos para explotar la vulnerabilidad. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180911-01-smartphone-en • CWE-20: Improper Input Validation •
CVE-2018-7923
https://notcve.org/view.php?id=CVE-2018-7923
Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. An attacker tricks the user who has root privilege to install a crafted application, the application may modify the specific data to exploit the vulnerability. Successful exploit could allow the attacker to execute arbitrary code. Los smartphones Huawei ALP-L09 en versiones anteriores a la ALP-L09 8.0.0.150(C432) tienen una vulnerabilidad de validación de entradas insuficiente debido a la falta de comprobación de parámetros. Un atacante engaña al usuario que tiene privilegios root para que instale una aplicación manipulada, que podría modificar los datos específicos para explotar la vulnerabilidad. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180911-01-smartphone-en • CWE-20: Improper Input Validation •