CVSS: 5.7EPSS: 0%CPEs: 8EXPL: 0CVE-2019-5211
https://notcve.org/view.php?id=CVE-2019-5211
29 Nov 2019 — The Huawei Share function of P20 phones with versions earlier than Emily-L29C 9.1.0.311 has an improper file management vulnerability. The attacker tricks the victim to perform certain operations on the mobile phone during file transfer. Because the file is not properly processed, successfully exploit may cause some files on the victim's mobile phone are deleted. La función Huawei Share de los teléfonos P20 con versiones anteriores a Emily-L29C 9.1.0.311, presenta una vulnerabilidad de administración de arc... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-02-share-en •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-5212
https://notcve.org/view.php?id=CVE-2019-5212
29 Nov 2019 — There is an improper access control vulnerability in Huawei Share. The software does not properly restrict access to certain file from certain application. An attacker tricks the user into installing a malicious application then establishing a connect to the attacker through Huawei Share, successful exploit could cause information disclosure. Se presenta una vulnerabilidad de control de acceso inapropiada en Huawei Share. El software no restringe apropiadamente el acceso a ciertos archivos desde determinada... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191113-01-share-en • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-5230
https://notcve.org/view.php?id=CVE-2019-5230
12 Nov 2019 — P20 Pro, P20, Mate RS smartphones with versions earlier than Charlotte-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than Emily-AL00A 9.1.0.321(C00E320R1P1T8), versions earlier than NEO-AL00D NEO-AL00 9.1.0.321(C786E320R1P1T8) have an improper validation vulnerability. The system does not perform a properly validation of certain input models, an attacker could trick the user to install a malicious application then craft a malformed model, successful exploit could allow the attacker to get and tamper cert... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190925-03-smartphone-en • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5283
https://notcve.org/view.php?id=CVE-2019-5283
04 Jun 2019 — There is Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions earlier than Emily-AL00A 9.0.0.167 (C00E81R1P21T8). When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can perform some operations to access the setting page. As a result, the FRP function is bypassed. Existe una vulnerabilidad de seguridad de derivación de la Protección de restablecimiento de fábrica (FRP) en las versiones... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190424-01-frp-en •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5306
https://notcve.org/view.php?id=CVE-2019-5306
04 Jun 2019 — There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a result, the FRP function is bypassed and the attacker gains access to the smartphone. Existe una vulnerabilidad de seguridad de derivación de la Protección de restablecimiento de fábrica (FRP) en las versiones de teléfon... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190228-01-smartphone-en •