CVE-2019-5282
https://notcve.org/view.php?id=CVE-2019-5282
Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution. El módulo Bastet de algunos teléfonos inteligentes Huawei con versiones anteriores a Emily-AL00A 9.0.0.182(C00E82R1P21), versiones anteriores a Emily-TL00B 9.0.0.182(C01E82R1P21), versiones anteriores a Emily-L09C 9.0.0.203(C432E7R1P11), versiones anteriores a Emily-L29C 9.0.0.203 (C432E7R1P11), las versiones anteriores a Emily-L29C 9.0.0.202 (C185E2R1P12), presentan una vulnerabilidad de doble liberación. Un atacante engaña al usuario para que instale una aplicación maliciosa, que se libera dos veces en la misma dirección de memoria. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-smartphone-en • CWE-415: Double Free •
CVE-2018-7925
https://notcve.org/view.php?id=CVE-2018-7925
The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability. El módulo radio de algunos smartphones Huawei Emily-AL00A en versiones anteriores a la 8.1.0.171(C00) tiene una vulnerabilidad de omisión de pantalla de bloqueo. Un atacante no autenticado podría iniciar aplicaciones de método de entrada de terceros mediante ciertas operaciones para omitir la pantalla de bloqueo explotando esta vulnerabilidad. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181105-01-smartphone-en • CWE-863: Incorrect Authorization •
CVE-2018-7947
https://notcve.org/view.php?id=CVE-2018-7947
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones. Los teléfonos móviles Huawei con versiones anteriores a Emily-AL00A 8.1.0.153(C00) tienen una vulnerabilidad de omisión de autenticación. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180720-01-mobile-en • CWE-287: Improper Authentication •