CVSS: 6.2EPSS: 0%CPEs: 10EXPL: 0CVE-2020-9119
https://notcve.org/view.php?id=CVE-2020-9119
24 Dec 2020 — There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion. Se presenta una vulnerabilidad de escalada de privilegios en algunos teléfonos inteligentes de Huawei debido a defectos de diseño. El atacante necesita contactar físicamente con el teléfono móvil y conseguir mayores privilegios, y ejecutar comand... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-smartphone-en •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5303
https://notcve.org/view.php?id=CVE-2019-5303
27 Apr 2020 — There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5302
https://notcve.org/view.php?id=CVE-2019-5302
27 Apr 2020 — There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 24EXPL: 0CVE-2020-1785
https://notcve.org/view.php?id=CVE-2020-1785
03 Jan 2020 — Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of service vulnerability. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone. Los teléfonos inteligentes Mate 10 Pro; Honor V10; Honor 10; Nova 4, tiene una vulnerabilidad de denegación de servicio. El sistema no comprueba apropiadamente el estado de cierto módulo durante dete... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-03-smartphone-en •
CVSS: 4.6EPSS: 0%CPEs: 50EXPL: 0CVE-2019-5264
https://notcve.org/view.php?id=CVE-2019-5264
13 Dec 2019 — There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure. tiene una vulnerabilidad de divulgación de información en ciertos teléfonos inteligentes Huawei (Mate 10; Mate 10 Pro; Honor V10; Changxiang 7S; P-smart; C... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en •
CVSS: 8.1EPSS: 3%CPEs: 371EXPL: 1CVE-2019-9506 – Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation
https://notcve.org/view.php?id=CVE-2019-9506
14 Aug 2019 — The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. La especificación de Bluetooth BR/EDR incluyendo versión 5.1, permite una longitud de clave de cifrado suficientemente baja y no impide que un atacante influya en la negociación d... • https://github.com/francozappa/knob • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7989
https://notcve.org/view.php?id=CVE-2018-7989
17 Oct 2018 — Huawei Mate 10 pro smartphones with the versions before BLA-AL00B 8.1.0.326(C00) have an improper authentication vulnerability. App Lock is a function to prevent unauthorized use of apps on smartphones, an attacker could directly change the lock password after a series of operations. Successful exploit could allow the attacker to use the application which is locked. Los smartphones Huawei Mate 10 en versiones anteriores a la BLA-AL00B 8.1.0.326(C00) tienen una vulnerabilidad de autenticación incorrecta. App... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181010-01-applock-en • CWE-287: Improper Authentication •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7936
https://notcve.org/view.php?id=CVE-2018-7936
04 Sep 2018 — Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can connect the phone with PC and send special instructions to install third party desktop and disable the boot wizard. As a result, the FRP function is bypassed. Los smartphones Huawei Mate 10 Pro con software anterior a las versiones BLA-L29 8.0.0.148(C432) ti... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180827-01-frpbypass-en •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7990
https://notcve.org/view.php?id=CVE-2018-7990
04 Sep 2018 — Mate10 Pro Huawei smart phones with the versions before 8.1.0.326(C00) have a FRP bypass vulnerability. During the mobile phone reseting process, an attacker could bypass "Find My Phone" protect after a series of voice and keyboard operations. Successful exploit could allow an attacker to bypass FRP. Los smartphones Huawei Mate10 Pro en versiones anteriores a la 8.1.0.326(C00) tienen una vulnerabilidad de omisión de Factory Reset Protection (FRP). Durante el proceso de reinicio del teléfono móvil, un atacan... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180831-01-smartphone-en •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7934
https://notcve.org/view.php?id=CVE-2018-7934
31 Jul 2018 — Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C432) have a denial of service (DoS) vulnerability because they do not adapt to specific screen gestures. An attacker may trick users into installing a malicious app. As a result, apps running on the frontend crash after the users make specific screen gestures. Algunos teléfonos móviles de Huawei con versiones anteriores a la BLA-L29 8.0.0.145(C432) tienen una vulnerabilidad de denegación de servicio (DoS) porque no se adaptan a gestos de p... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180705-01-smartphone-en • CWE-20: Improper Input Validation •