CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0CVE-2020-9239
https://notcve.org/view.php?id=CVE-2020-9239
Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0.0.163(C432),Versions earlier than 8.0.0.163(C636),Versions earlier than 8.0.0.172(C10);Duke-L09 versions Duke-L09C10B187, versions Duke-L09C432B189, versions Duke-L09C636B189;HUAWEI P20 versions earlier than 8.0.1.16(C00);HUAWEI P20 Pro versions earlier than 8.1.0.152(C00);Jimmy-AL00A versions earlier than Jimmy-AL00AC00B172;LON-L29D versions LON-L29DC721B192;NEO-AL00D versions earlier than 8.1.0.172(C786);Stanford-AL00 versions Stanford-AL00C00B123;Toronto-AL00 versions earlier than Toronto-AL00AC00B225;Toronto-AL00A versions earlier than Toronto-AL00AC00B225;Toronto-TL10 versions earlier than Toronto-TL10C01B225 have an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerab Teléfonos inteligentes Huawei BLA-A09 versiones 8.0.0.123(C212), versiones anteriores a 8.0.0.123(C567), versiones anteriores a 8.0.0.123(C797); BLA-TL00B versiones anteriores a 8.1.0.326(C01); Berkeley-L09 versiones anteriores a 8.0.0.163(C10), versiones anteriores a 8.0.0.163(C432), versiones anteriores a 8.0.0.163(C636), versiones anteriores a 8.0.0.172(C10); Duke-L09 versiones Duke-L09C10B187, versiones Duke- L09C432B189, versiones Duke-L09C636B189; HUAWEI P20 versiones anteriores a 8.0.1.16(C00); HUAWEI P20 Pro versiones anteriores a 8.1.0.152(C00); Jimmy-AL00A versiones anteriores a Jimmy-AL00AC00B172; LON-L29D versiones LON-L29DC721B192; NEO-AL00D versiones anteriores a 8.1.0.172(C786); Stanford-AL00 versiones Stanford-AL00C00B123; Toronto-AL00 versiones anteriores a Toronto-AL00AC00B225; Toronto-AL00A versiones anteriores a Toronto-AL00AC00B225; Toronto-TL10 versiones anteriores a Toronto-TL10C01B225, presentan una vulnerabilidad de información. Un módulo presenta un error de diseño que es la falta de control de entrada. Unos atacantes pueden explotar esta vulnerabilidad • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200909-04-smartphone-en • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 122EXPL: 0CVE-2019-19412
https://notcve.org/view.php?id=CVE-2019-19412
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en. Algunos teléfonos inteligentes Huawei presentan una vulnerabilidad de seguridad que omite la Factory Reset Protection (FRP). Cuando se reconfigura el teléfono móvil con la función factory reset protection (FRP), un atacante inicia sesión en el modo Talkback y puede llevar a cabo algunas operaciones para instalar una aplicación de terceros. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en •
CVSS: 2.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9073
https://notcve.org/view.php?id=CVE-2020-9073
Huawei P20 smartphones with versions earlier than 10.0.0.156(C00E156R1P4) have an improper authentication vulnerability. The vulnerability is due to that when an user wants to do certain operation, the software insufficiently validate the user's identity. Attackers need to physically access the smartphone to exploit this vulnerability. Successful exploit could allow the attacker to bypass the limit of student mode function. Los teléfonos inteligentes Huawei P20 con versiones anteriores a 10.0.0.156(C00E156R1P4), presentan una vulnerabilidad de autenticación inapropiada. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-01-smartphone-en • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5303
https://notcve.org/view.php?id=CVE-2019-5303
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5302
https://notcve.org/view.php?id=CVE-2019-5302
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •