3 results (0.002 seconds)

CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •

CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0

Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution. El módulo Bastet de algunos teléfonos inteligentes Huawei con versiones anteriores a Emily-AL00A 9.0.0.182(C00E82R1P21), versiones anteriores a Emily-TL00B 9.0.0.182(C01E82R1P21), versiones anteriores a Emily-L09C 9.0.0.203(C432E7R1P11), versiones anteriores a Emily-L29C 9.0.0.203 (C432E7R1P11), las versiones anteriores a Emily-L29C 9.0.0.202 (C185E2R1P12), presentan una vulnerabilidad de doble liberación. Un atacante engaña al usuario para que instale una aplicación maliciosa, que se libera dos veces en la misma dirección de memoria. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-smartphone-en • CWE-415: Double Free •