CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9107
https://notcve.org/view.php?id=CVE-2020-9107
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot. Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de lectura y escritura fuera de límites. Un atacante no autenticado diseña un mensaje malformado con un parámetro específico y envía el mensaje hacia los productos afectados. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9108
https://notcve.org/view.php?id=CVE-2020-9108
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot. Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de lectura y escritura fuera de límites. Un atacante no autenticado diseña un mensaje malformado con un parámetro específico y envía el mensaje hacia los productos afectados. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9095
https://notcve.org/view.php?id=CVE-2020-9095
HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service. El teléfono inteligente HUAWEI P30 Pro con versiones anteriores a 10.1.0.160(C00E160R2P8), presenta una vulnerabilidad de desbordamiento de enteros. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9096
https://notcve.org/view.php?id=CVE-2020-9096
HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service. Los teléfonos inteligentes HUAWEI P30 Pro con versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de lectura fuera de límites. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 20EXPL: 0CVE-2020-9104
https://notcve.org/view.php?id=CVE-2020-9104
HUAWEI P30 smartphones with Versions earlier than 10.1.0.123(C431E22R2P5),Versions earlier than 10.1.0.123(C432E22R2P5),Versions earlier than 10.1.0.126(C10E7R5P1),Versions earlier than 10.1.0.126(C185E4R7P1),Versions earlier than 10.1.0.126(C461E7R3P1),Versions earlier than 10.1.0.126(C605E19R1P3),Versions earlier than 10.1.0.126(C636E7R3P4),Versions earlier than 10.1.0.128(C635E3R2P4),Versions earlier than 10.1.0.160(C00E160R2P11),Versions earlier than 10.1.0.160(C01E160R2P11) have a denial of service vulnerability. In specific scenario, due to the improper resource management and memory leak of some feature, the attacker could exploit this vulnerability to cause the device reset. Los teléfonos inteligentes HUAWEI P30 versiones anteriores a 10.1.0.123(C431E22R2P5), versiones anteriores a 10.1.0.123(C432E22R2P5), versiones anteriores a 10.1.0.126(C10E7R5P1), versiones anteriores a 10.1.0.126(C185E4R7P1), versiones anteriores a 10.1.0.126(C461E7R3P1), versiones anteriores a 10.1.0.126(C605E19R1P3), versiones anteriores a 10.1.0.126(C636E7R3P4), versiones anteriores a 10.1.0.128(C635E3R2P4), versiones anteriores a 10.1.0.160(C00E160R2P11.0), versiones anteriores a 10.1.0.160(C01E160R2P11), presentan una vulnerabilidad de denegación de servicio. En un escenario específico, debido a la administración inapropiada de recursos y la pérdida de memoria de alguna funcionalidad, el atacante podría explotar esta vulnerabilidad para causar el reinicio del dispositivo. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-01-smartphonedos-en • CWE-401: Missing Release of Memory after Effective Lifetime •