5 results (0.018 seconds)

CVSS: 4.6EPSS: 0%CPEs: 122EXPL: 0

Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en. Algunos teléfonos inteligentes Huawei presentan una vulnerabilidad de seguridad que omite la Factory Reset Protection (FRP). Cuando se reconfigura el teléfono móvil con la función factory reset protection (FRP), un atacante inicia sesión en el modo Talkback y puede llevar a cabo algunas operaciones para instalar una aplicación de terceros. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en •

CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •

CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •

CVSS: 8.1EPSS: 0%CPEs: 371EXPL: 0

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. La especificación de Bluetooth BR/EDR incluyendo versión 5.1, permite una longitud de clave de cifrado suficientemente baja y no impide que un atacante influya en la negociación de longitud de clave. Esto permite ataques prácticos de fuerza bruta (también se conoce como "KNOB") que pueden descifrar el tráfico e inyectar texto cifrado arbitrario sin que la víctima se dé cuenta. A flaw was discovered in the Bluetooth protocol. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html http://seclists.org/fulldisclosure/2019/Aug/11 http://seclists.org/fulldisclosure/2019/Aug/13 http://seclists.org/fulldisclosure/2019/Aug/14 http://seclists.org/fulldisclosure/2019/Aug/15 http://www.cs.ox.ac.uk/publications/publication12404-abstract.html http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en https: • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 7.1EPSS: 0%CPEs: 19EXPL: 0

The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00), Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26, 1.0.0.29 has a double free vulnerability. An attacker can trick a user to install a malicious application and exploit this vulnerability when in the exception handling process. Successful exploitation may cause system reboot. El controlador Mali de los smartphones Huawei Berkeley-AL20 y Berkeley-BD con software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00) y Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26 y 1.0.0.29 tiene una vulnerabilidad de doble liberación (double free). Un atacante puede engañar a un usuario para que instale una aplicación maliciosa y explotar esta vulnerabilidad mientras se está en el proceso de gestión de excepciones. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-smartphone • CWE-415: Double Free •