CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2020-9223
https://notcve.org/view.php?id=CVE-2020-9223
There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service (DoS) on the specific module. Se presenta una vulnerabilidad de denegación de servicio en algunos teléfonos inteligentes de Huawei. Debido al procesamiento inapropiado de los mensajes anormales recibidos, unos atacantes remotos pueden explotar esta vulnerabilidad para causar una denegación de servicio (DoS) en el módulo específico • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201216-03-smartphone-en •
CVSS: 7.8EPSS: 0%CPEs: 56EXPL: 0CVE-2020-9247
https://notcve.org/view.php?id=CVE-2020-9247
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B. Se presenta una vulnerabilidad de desbordamiento del búfer en varios productos de Huawei. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0CVE-2020-9235
https://notcve.org/view.php?id=CVE-2020-9235
Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak. Los teléfonos inteligentes Huawei HONOR 20 PRO Versiones anteriores a 10.1.0.230(C432E9R5P1), Versiones anteriores a 10.1.0.231(C10E3R3P2), Versiones anteriores a 10.1.0.231(C185E3R5P1), Versiones anteriores a 10.1.0.231(C636E3R3P1); Versiones anteriores a 10.1. 0.212(C432E10R3P4), Versiones anteriores a 10.1.0.213(C636E3R4P3), Versiones anteriores a 10.1.0.214(C10E5R4P3), Versiones anteriores a 10.1.0.214(C185E3R3P3); Versiones anteriores a 10.1.0.212(C00E210R5P1); Versiones anteriores a 10.1.0.212(C00E210R5P1). 0.160(C00E160R2P11); Versiones anteriores a 10.1.0.160(C00E160R2P11); Versiones anteriores a 10.1.0.160(C01E160R2P11); Versiones anteriores a 10.1.0.160(C00E160R2P11); Versiones anteriores a 10.1.0.160(C00E160R8P12); Versiones anteriores a 10.1.0.160(C00E160R8P12); Versiones anteriores a 10.1.0.230(C432E9R5P1), Versiones anteriores a 10.1.0.231(C10E3R3P2), Versiones anteriores a 10.1.0.231(C636E3R3P1); Versiones anteriores a 10.1.0.225 (C431E3R1P2), Versiones anteriores a 10.1.0.225(C432E3R1P2), contienen una vulnerabilidad de información. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2020-9244
https://notcve.org/view.php?id=CVE-2020-9244
HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged Versiones de HUAWEI Mate 20 Versiones anteriores a 10.1.0.160(C00E160R3P8); versiones de HUAWEI Mate 20 Pro Versiones anteriores a 10.1.0.270(C431E7R1P5), Versiones anteriores a 10.1.0.270(C635E3R1P5), Versiones anteriores a 10.1.0.273(C636E7R2WE); versiones de Mate 20 X Versiones anteriores a 10.1.0.160(C00E160R2P8); versiones de HUAWEI P30 Versiones anteriores a 10.1.0.160(C00E160R2P11); versiones de HUAWEI P30 Pro Versiones anteriores a 10.1.0.160(C00E160R2P8); versiones de HUAWEI Mate 20 RS Versiones anteriores a 10.1 .0.160(C786E160R3P8); versiones de HonorMagic2 Versiones anteriores a 10.0.0.187(C00E61R2P11); versiones de Honor20 Versiones anteriores a 10.0.0.175(C00E58R4P11); versiones de Honor20 PRO Versiones anteriores a 10.0.0.194(C00E62R8P12); versiones de HonorMagic2 10.0.0.187(C00E61R2P11); versiones de HonorV20 Versiones anteriores a 10.0.0.188(C00E62R2P11), presentan una vulnerabilidad de autenticación inapropiada. El sistema no firma adecuadamente determinado archivo cifrado, el atacante debe conseguir la clave usada para cifrar el archivo, una explotación con éxito podría causar que cierto archivo sea falsificado • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en •
CVSS: 5.3EPSS: 0%CPEs: 20EXPL: 0CVE-2020-9074
https://notcve.org/view.php?id=CVE-2020-9074
Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an improper handling of exceptional condition Vulnerability. A component cannot deal with an exception correctly. Attackers can exploit this vulnerability by sending malformed message. This could compromise normal service of affected phones. Los teléfonos inteligentes Huawei HONOR 20 PRO; Honor View 20; HONOR 20, presentan un manejo inapropiado de una Vulnerabilidad de condición excepcional. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200603-01-smartphone-en • CWE-755: Improper Handling of Exceptional Conditions •