28 results (0.013 seconds)

CVSS: 6.3EPSS: 0%CPEs: 62EXPL: 0

01 Jun 2018 — Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart. Algunos smartphones Huawei tienen una vulnerabilidad de denegación de servicio (DoS) debido al procesamiento inco... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphone • CWE-20: Improper Input Validation •

CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0

19 Apr 2018 — The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and the APP may sends specific data to the inputhub driver to exploit this vulnerability, successful exploit could cause the syst... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-02-smartphone-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

20 Mar 2018 — Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 have an information disclosure vulnerability. The software does not properly protect certain resource which can be accessed by multithreading. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in kernel information disclosure. Los smartphones Huawei P9 con software en versiones anteriores a EVA-AL10C00B399SP02 tienen una vulnerabilidad de divulgación de información. El softwa... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180314-01-smartphone-en • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0

09 Mar 2018 — Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than H60-L02_6.12.16 and P9 Plus Versions earlier than VIE-AL10BC00B356 has a stack overflow vulnerabilities. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to touchscreen drive to crash the system or escalate privilege. El controlador Touchscreen en Huawei H60 (Honor 6), en versiones anteriores a H60-L02_6.12.16 y P9 Plus, en versiones anteriores a VIE-AL10BC00B356, tiene una vulnerabi... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161215-01-smartphone-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0

22 Nov 2017 — Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot mode and delete the user's password file during the reboot process, then login the phone without screen lock password after reboot. Huawei P9 en versiones anteriores a la EVA-AL10C00B373, anteriores a la EVA-CL00C92B373, anteriores ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-01-smartphone-en •

CVSS: 9.3EPSS: 0%CPEs: 14EXPL: 0

22 Nov 2017 — The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier versions has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the syste... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170208-02-smartphone-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 16EXPL: 0

22 Nov 2017 — Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System Setting. Puede eludirse Phone Finder en versiones anteriores a la MHA-AL00BC00B... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-05-smartphone-en •

CVSS: 2.4EPSS: 0%CPEs: 10EXPL: 0

22 Nov 2017 — Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone. Los smartphones Huawei P9 con versiones de software anteriores a la EVA-AL10C00B365, anteriores a la EVA-AL00... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

22 Nov 2017 — P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions have an input validation vulnerability in the touchscreen Driver. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system. Los smartphones P9 Plus con software en versiones anteriores a la VIE-AL10C00B352 tienen una vulnerabilidad de validación de entradas en el controlador de la pantalla táctil. Un atacante puede engañar a un usuario para que ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-03-smartphone-en • CWE-20: Improper Input Validation •

CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0

22 Nov 2017 — HUAWEI P9 smartphones with software versions earlier before EVA-L09C432B383, versions earlier before EVA-L09C636B380, versions earlier before VIE-L09C432B370, versions earlier before VIE-L29C636B370 have an insufficient input validation vulnerability. An attacker could exploit this vulnerability to tamper with air interface signaling messages and obtain some communication information. Los smartphones Huawei P9 con versiones de software anteriores a la EVA-AL00C00B365, anteriores a la EVA-L09C636B380, anteri... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-smartphone-en • CWE-20: Improper Input Validation •