CVE-2019-19412
https://notcve.org/view.php?id=CVE-2019-19412
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en. Algunos teléfonos inteligentes Huawei presentan una vulnerabilidad de seguridad que omite la Factory Reset Protection (FRP). Cuando se reconfigura el teléfono móvil con la función factory reset protection (FRP), un atacante inicia sesión en el modo Talkback y puede llevar a cabo algunas operaciones para instalar una aplicación de terceros. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en •
CVE-2019-5303
https://notcve.org/view.php?id=CVE-2019-5303
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVE-2019-5302
https://notcve.org/view.php?id=CVE-2019-5302
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVE-2019-9506 – Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation
https://notcve.org/view.php?id=CVE-2019-9506
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. La especificación de Bluetooth BR/EDR incluyendo versión 5.1, permite una longitud de clave de cifrado suficientemente baja y no impide que un atacante influya en la negociación de longitud de clave. Esto permite ataques prácticos de fuerza bruta (también se conoce como "KNOB") que pueden descifrar el tráfico e inyectar texto cifrado arbitrario sin que la víctima se dé cuenta. A flaw was discovered in the Bluetooth protocol. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html http://seclists.org/fulldisclosure/2019/Aug/11 http://seclists.org/fulldisclosure/2019/Aug/13 http://seclists.org/fulldisclosure/2019/Aug/14 http://seclists.org/fulldisclosure/2019/Aug/15 http://www.cs.ox.ac.uk/publications/publication12404-abstract.html http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en https: • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2018-7899
https://notcve.org/view.php?id=CVE-2018-7899
The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00), Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26, 1.0.0.29 has a double free vulnerability. An attacker can trick a user to install a malicious application and exploit this vulnerability when in the exception handling process. Successful exploitation may cause system reboot. El controlador Mali de los smartphones Huawei Berkeley-AL20 y Berkeley-BD con software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00) y Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26 y 1.0.0.29 tiene una vulnerabilidad de doble liberación (double free). Un atacante puede engañar a un usuario para que instale una aplicación maliciosa y explotar esta vulnerabilidad mientras se está en el proceso de gestión de excepciones. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-smartphone • CWE-415: Double Free •