All the vulnerabilites related to Huawei - Honor V10
var-202001-0898
Vulnerability from variot
Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of service vulnerability. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone. plural Huawei The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Huawei Honor V10 and other products are products of Huawei of China. Huawei Honor V10 is a smartphone product. Huawei Honor 10 is a smartphone product. Mate 10 Pro is a smartphone
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202001-0898", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "honor \u003c9.1.0.350", "scope": "eq", "trust": 2.4, "vendor": "huawei", "version": "10" }, { "model": "mate pro \u003c9.1.0.321", "scope": "eq", "trust": 1.2, "vendor": "huawei", "version": "10" }, { "model": "mate 10 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.330\\(c432e6r1p12t8\\)" }, { "model": "honor 10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.350\\(c185e3r1p12t8\\)" }, { "model": "honor 10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.350\\(c461e3r1p11t8\\)" }, { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.351\\(c432e5r1p13t8\\)" }, { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.333\\(c00e333r2p1t8\\)" }, { "model": "honor 10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.351\\(c432e5r1p13t8\\)" }, { "model": "mate 10 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.321\\(c605e4r1p13t8\\)" }, { "model": "mate 10 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.321\\(c636e4r1p14t8\\)" }, { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.350\\(c636e4r1p13t8\\)" }, { "model": "nova 4", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.225\\(c636e1r4p1\\)" }, { "model": "honor 10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.350\\(c10e5r1p14t8\\)" }, { "model": "honor 10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.350\\(c636e3r1p13t8\\)" }, { "model": "honor v10", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "honor 10", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "mate 10 pro", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "nova 4", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "honor \u003c9.1.0.333", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "v10" }, { "model": "mate pro \u003c9.1.0.330", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "10" }, { "model": "honor \u003c9.1.0.350", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "v10" }, { "model": "honor \u003c9.1.0.351", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "v10" }, { "model": "honor \u003c9.1.0.351", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "10" }, { "model": "nova \u003c9.1.0.225", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "4" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02948" }, { "db": "JVNDB", "id": "JVNDB-2020-001010" }, { "db": "NVD", "id": "CVE-2020-1785" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_pro_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.321\\(c605e4r1p13t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10_pro:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_pro_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.321\\(c636e4r1p14t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10_pro:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_pro_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.330\\(c432e6r1p12t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10_pro:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.350\\(c636e4r1p13t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.350\\(c10e5r1p14t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.350\\(c185e3r1p12t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.350\\(c461e3r1p11t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.350\\(c636e3r1p13t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:nova_4_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.225\\(c636e1r4p1\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:nova_4:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-1785" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Fudan University SONIC Laboratory Wei Junyi at the Chinese University of Hong Kong TIIC Found in the laboratory. Huawei thanks the researcher for cooperating with us to disclose the vulnerability to protect Huawei\u0027s customers.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202001-042" } ], "trust": 0.6 }, "cve": "CVE-2020-1785", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 6.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 7.1, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2020-1785", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CNVD-2020-02948", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 1.8, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2020-1785", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-1785", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2020-02948", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202001-042", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02948" }, { "db": "JVNDB", "id": "JVNDB-2020-001010" }, { "db": "NVD", "id": "CVE-2020-1785" }, { "db": "CNNVD", "id": "CNNVD-202001-042" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of service vulnerability. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone. plural Huawei The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Huawei Honor V10 and other products are products of Huawei of China. Huawei Honor V10 is a smartphone product. Huawei Honor 10 is a smartphone product. Mate 10 Pro is a smartphone", "sources": [ { "db": "NVD", "id": "CVE-2020-1785" }, { "db": "JVNDB", "id": "JVNDB-2020-001010" }, { "db": "CNVD", "id": "CNVD-2020-02948" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-1785", "trust": 3.0 }, { "db": "JVNDB", "id": "JVNDB-2020-001010", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-02948", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202001-042", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02948" }, { "db": "JVNDB", "id": "JVNDB-2020-001010" }, { "db": "NVD", "id": "CVE-2020-1785" }, { "db": "CNNVD", "id": "CNNVD-202001-042" } ] }, "id": "VAR-202001-0898", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-02948" } ], "trust": 1.18017655 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02948" } ] }, "last_update_date": "2023-12-18T12:56:13.123000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20200102-03-smartphone", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-03-smartphone-en" }, { "title": "Patch for Multiple Huawei Product Denial of Service Vulnerabilities (CNVD-2020-02948)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/197037" }, { "title": "Multiple Huawei Product input verification error vulnerability fixes", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=106566" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02948" }, { "db": "JVNDB", "id": "JVNDB-2020-001010" }, { "db": "CNNVD", "id": "CNNVD-202001-042" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-001010" }, { "db": "NVD", "id": "CVE-2020-1785" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-03-smartphone-en" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1785" }, { "trust": 1.2, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200102-03-smartphone-cn" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1785" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02948" }, { "db": "JVNDB", "id": "JVNDB-2020-001010" }, { "db": "NVD", "id": "CVE-2020-1785" }, { "db": "CNNVD", "id": "CNNVD-202001-042" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-02948" }, { "db": "JVNDB", "id": "JVNDB-2020-001010" }, { "db": "NVD", "id": "CVE-2020-1785" }, { "db": "CNNVD", "id": "CNNVD-202001-042" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-01-20T00:00:00", "db": "CNVD", "id": "CNVD-2020-02948" }, { "date": "2020-01-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-001010" }, { "date": "2020-01-03T15:15:12.070000", "db": "NVD", "id": "CVE-2020-1785" }, { "date": "2020-01-02T00:00:00", "db": "CNNVD", "id": "CNNVD-202001-042" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-01-21T00:00:00", "db": "CNVD", "id": "CNVD-2020-02948" }, { "date": "2020-01-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-001010" }, { "date": "2021-07-21T11:39:23.747000", "db": "NVD", "id": "CVE-2020-1785" }, { "date": "2021-07-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202001-042" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202001-042" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Huawei Vulnerability related to input validation in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-001010" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202001-042" } ], "trust": 0.6 } }
var-202004-0959
Vulnerability from variot
Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 2 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1806. This vulnerability is CVE-2020-1804 and CVE-2020-1806 Is a different vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. The vulnerability stems from a driver not fully verifying the received parameters
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0959", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.0.156\\(c00e156r2p4\\)" }, { "model": "honor v10", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.0.156(c00e156r2p4)" }, { "model": "honor \u003c10.0.0.156", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "v10" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": null }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.0.0.156(c00e156r2p14t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.0.0.159(c432e4r1p9t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.0.0.159(c636e3r1p12t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.1.0.333(c00e333r2p1t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.1.0.351(c432e5r1p13t8)" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27114" }, { "db": "VULMON", "id": "CVE-2020-1805" }, { "db": "JVNDB", "id": "JVNDB-2020-004907" }, { "db": "NVD", "id": "CVE-2020-1805" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.0.156\\(c00e156r2p4\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-1805" } ] }, "cve": "CVE-2020-1805", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 4.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2020-004907", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2020-27114", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2020-1805", "impactScore": 4.9, "integrityImpact": "NONE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.2, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.1, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-004907", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-1805", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-004907", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-27114", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202004-1967", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2020-1805", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27114" }, { "db": "VULMON", "id": "CVE-2020-1805" }, { "db": "JVNDB", "id": "JVNDB-2020-004907" }, { "db": "NVD", "id": "CVE-2020-1805" }, { "db": "CNNVD", "id": "CNNVD-202004-1967" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 2 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1806. This vulnerability is CVE-2020-1804 and CVE-2020-1806 Is a different vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. The vulnerability stems from a driver not fully verifying the received parameters", "sources": [ { "db": "NVD", "id": "CVE-2020-1805" }, { "db": "JVNDB", "id": "JVNDB-2020-004907" }, { "db": "CNVD", "id": "CNVD-2020-27114" }, { "db": "VULMON", "id": "CVE-2020-1805" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-1805", "trust": 3.1 }, { "db": "JVNDB", "id": "JVNDB-2020-004907", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-27114", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202004-1967", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2020-1805", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27114" }, { "db": "VULMON", "id": "CVE-2020-1805" }, { "db": "JVNDB", "id": "JVNDB-2020-004907" }, { "db": "NVD", "id": "CVE-2020-1805" }, { "db": "CNNVD", "id": "CNNVD-202004-1967" } ] }, "id": "VAR-202004-0959", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-27114" } ], "trust": 1.18944035 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27114" } ] }, "last_update_date": "2023-12-18T12:17:10.314000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20200422-02-smartphone", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" }, { "title": "Patch for Huawei Honor V10 Cross-Border Reading Vulnerability (CNVD-2020-27114)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/216731" }, { "title": "Huawei Honor V10 Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=116734" }, { "title": "Huawei Security Advisories: Security Advisory - Three Out of Bounds Vulnerabilities in Several Smartphones", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=710862441ad85228271816b080be03e9" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27114" }, { "db": "VULMON", "id": "CVE-2020-1805" }, { "db": "JVNDB", "id": "JVNDB-2020-004907" }, { "db": "CNNVD", "id": "CNNVD-202004-1967" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-125", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-004907" }, { "db": "NVD", "id": "CVE-2020-1805" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1805" }, { "trust": 1.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1805" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200422-02-smartphone-cn" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/125.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27114" }, { "db": "VULMON", "id": "CVE-2020-1805" }, { "db": "JVNDB", "id": "JVNDB-2020-004907" }, { "db": "NVD", "id": "CVE-2020-1805" }, { "db": "CNNVD", "id": "CNNVD-202004-1967" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-27114" }, { "db": "VULMON", "id": "CVE-2020-1805" }, { "db": "JVNDB", "id": "JVNDB-2020-004907" }, { "db": "NVD", "id": "CVE-2020-1805" }, { "db": "CNNVD", "id": "CNNVD-202004-1967" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-05-08T00:00:00", "db": "CNVD", "id": "CNVD-2020-27114" }, { "date": "2020-04-27T00:00:00", "db": "VULMON", "id": "CVE-2020-1805" }, { "date": "2020-06-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-004907" }, { "date": "2020-04-27T15:15:12.970000", "db": "NVD", "id": "CVE-2020-1805" }, { "date": "2020-04-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-1967" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-05-08T00:00:00", "db": "CNVD", "id": "CNVD-2020-27114" }, { "date": "2020-05-01T00:00:00", "db": "VULMON", "id": "CVE-2020-1805" }, { "date": "2020-06-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-004907" }, { "date": "2020-05-01T14:14:34.857000", "db": "NVD", "id": "CVE-2020-1805" }, { "date": "2020-05-06T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-1967" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-1967" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Huawei Honor V10 Out-of-bounds read vulnerabilities on smartphones", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-004907" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-1967" } ], "trust": 0.6 } }
var-201912-0803
Vulnerability from variot
There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. plural Huawei Smartphone products contain a paste traversal vulnerability.Information may be obtained. Huawei P30 and other products are products of China's Huawei. The Huawei P30 is a smartphone. Huawei P30 Pro is a smartphone. Huawei M6 is a tablet. The vulnerability stems from the system's failure to adequately verify the path name from an application. information
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201912-0803", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "p30 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.226\\(c00e210r2p1\\)" }, { "model": "p30", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.226\\(c00e220r2p1\\)" }, { "model": "m6", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.1.150\\(c00e150r1p150\\)" }, { "model": "honor 20s", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.1.132\\(c00e131r6p1\\)" }, { "model": "mate 20", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.139\\(c00e133r3p1\\)" }, { "model": "enjoy 7s", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.130\\(c00e115r2p8t8\\)" }, { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.333\\(c00e333r2p1t8\\)" }, { "model": "honor 9 lite", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.130\\(c00e112r2p10t8\\)" }, { "model": "honor 9i", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.120\\(c00e113r1p6t8\\)" }, { "model": "honor 9 lite", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.143\\(c636e5r1p5t8\\)" }, { "model": "enjoy 7s", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "honor 20s", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "honor 9 lite", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "honor 9i", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "honor 10", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "m6", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "mate 20", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "p30 pro", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "p30", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "honor \u003c9.1.0.333", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "v10" }, { "model": "p30 \u003c9.1.0.226", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "enjoy 7s", "scope": "lt", "trust": 0.6, "vendor": "huawei", "version": "9.1.0.130" }, { "model": "mate \u003c9.1.0.139", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "20" }, { "model": "honor lite \u003c9.1.0.130", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9" }, { "model": "honor lite \u003c9.1.0.143", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9" }, { "model": "honor 9i \u003c9.1.0.120", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "m6 \u003c9.1.1.150", "scope": null, "trust": 0.6, "vendor": "ibaby", "version": null }, { "model": "p30 pro \u003c9.1.0.226", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "honor 20s \u003c9.1.1.132", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02966" }, { "db": "JVNDB", "id": "JVNDB-2019-013191" }, { "db": "NVD", "id": "CVE-2019-5251" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.226\\(c00e220r2p1\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:enjoy_7s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.130\\(c00e115r2p8t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:enjoy_7s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.139\\(c00e133r3p1\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.143\\(c636e5r1p5t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_9i_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.120\\(c00e113r1p6t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_9i:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:m6_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.1.150\\(c00e150r1p150\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:m6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.226\\(c00e210r2p1\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_20s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.1.132\\(c00e131r6p1\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_20s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.130\\(c00e112r2p10t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-5251" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vulnerability was discovered by an external researcher. Huawei thanks the researcher for cooperating with us to disclose the vulnerability to protect Huawei\u0027s customers.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201912-175" } ], "trust": 0.6 }, "cve": "CVE-2019-5251", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.3, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2019-5251", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2020-02966", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-5251", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-5251", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2020-02966", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201912-175", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02966" }, { "db": "JVNDB", "id": "JVNDB-2019-013191" }, { "db": "NVD", "id": "CVE-2019-5251" }, { "db": "CNNVD", "id": "CNNVD-201912-175" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. plural Huawei Smartphone products contain a paste traversal vulnerability.Information may be obtained. Huawei P30 and other products are products of China\u0027s Huawei. The Huawei P30 is a smartphone. Huawei P30 Pro is a smartphone. Huawei M6 is a tablet. The vulnerability stems from the system\u0027s failure to adequately verify the path name from an application. information", "sources": [ { "db": "NVD", "id": "CVE-2019-5251" }, { "db": "JVNDB", "id": "JVNDB-2019-013191" }, { "db": "CNVD", "id": "CNVD-2020-02966" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-5251", "trust": 3.0 }, { "db": "JVNDB", "id": "JVNDB-2019-013191", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-02966", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201912-175", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02966" }, { "db": "JVNDB", "id": "JVNDB-2019-013191" }, { "db": "NVD", "id": "CVE-2019-5251" }, { "db": "CNNVD", "id": "CNNVD-201912-175" } ] }, "id": "VAR-201912-0803", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-02966" } ], "trust": 1.295306911 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02966" } ] }, "last_update_date": "2023-12-18T13:13:10.975000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20191204-03-smartphone", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en" }, { "title": "Patch for Multiple Huawei Product Path Traversal Vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/197281" }, { "title": "Multiple Huawei Product path traversal vulnerability fixes", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=103979" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02966" }, { "db": "JVNDB", "id": "JVNDB-2019-013191" }, { "db": "CNNVD", "id": "CNNVD-201912-175" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-22", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-013191" }, { "db": "NVD", "id": "CVE-2019-5251" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5251" }, { "trust": 1.6, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5251" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191204-03-smartphone-cn" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-02966" }, { "db": "JVNDB", "id": "JVNDB-2019-013191" }, { "db": "NVD", "id": "CVE-2019-5251" }, { "db": "CNNVD", "id": "CNNVD-201912-175" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-02966" }, { "db": "JVNDB", "id": "JVNDB-2019-013191" }, { "db": "NVD", "id": "CVE-2019-5251" }, { "db": "CNNVD", "id": "CNNVD-201912-175" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-01-20T00:00:00", "db": "CNVD", "id": "CNVD-2020-02966" }, { "date": "2019-12-23T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-013191" }, { "date": "2019-12-13T15:15:11.317000", "db": "NVD", "id": "CVE-2019-5251" }, { "date": "2019-12-04T00:00:00", "db": "CNNVD", "id": "CNNVD-201912-175" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-01-21T00:00:00", "db": "CNVD", "id": "CNVD-2020-02966" }, { "date": "2019-12-23T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-013191" }, { "date": "2019-12-18T16:13:27.443000", "db": "NVD", "id": "CVE-2019-5251" }, { "date": "2020-09-03T00:00:00", "db": "CNNVD", "id": "CNNVD-201912-175" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201912-175" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Huawei Vulnerability of past traversal in smartphone products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-013191" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "path traversal", "sources": [ { "db": "CNNVD", "id": "CNNVD-201912-175" } ], "trust": 0.6 } }
var-201912-0062
Vulnerability from variot
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure. Huawei Mate 9 and other products are products of China's Huawei. Huawei Mate 9 is a smartphone. Huawei Mate 10 is a smartphone product of Huawei. Honor 9 Lite is a smartphone. The vulnerability stems from the system's improper handling of application information with an application lock set in a specific scenario that rarely occurs
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201912-0062", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "mate pro \u003c9.0.0.159", "scope": "eq", "trust": 1.2, "vendor": "huawei", "version": "10" }, { "model": "honor \u003c9.0.0.159", "scope": "eq", "trust": 1.2, "vendor": "huawei", "version": "v10" }, { "model": "honor lite \u003c9.1.0.118", "scope": "eq", "trust": 1.2, "vendor": "huawei", "version": "9" }, { "model": "mate \u003c9.0.0.159", "scope": "eq", "trust": 1.2, "vendor": "huawei", "version": "10" }, { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.156\\(c00e156r2p14t8\\)" }, { "model": "honor 9 lite", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.118\\(c185e4r1p4t8\\)" }, { "model": "p-smart", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.130\\(c432e8r1p5t8\\)" }, { "model": "mate 10 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.161\\(c432e4r1p11t8\\)" }, { "model": "honor 9 lite", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.118\\(c636e4r1p1t8\\)" }, { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.159\\(c432e4r1p9t8\\)" }, { "model": "y9 2018", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.120\\(c636e5r1p1t8\\)" }, { "model": "honor 9i", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.121\\(c432e4r1p3t8\\)" }, { "model": "mate 10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.159\\(c432e4r1p9t8\\)" }, { "model": "changxiang 8 plus", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.111\\(c00e111r1p6t8\\)" }, { "model": "mate 9", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.1.158\\(c432e6r1p8t8\\)" }, { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.159\\(c636e3r1p12t8\\)" }, { "model": "mate 9", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.1.159\\(c636e6r1p8t8\\)" }, { "model": "mate 10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.159\\(c636e2r1p12t8\\)" }, { "model": "mate 10 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.159\\(c185e2r1p13t8\\)" }, { "model": "y9 2018", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.115\\(c432e5r1p1t8\\)" }, { "model": "honor 9 lite", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.121\\(c432e4r1p3t8\\)" }, { "model": "honor 9 lite", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.113\\(c00e111r2p10t8\\)" }, { "model": "changxiang 7s", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.107\\(c00e107r2p8t8\\)" }, { "model": "p-smart", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.119\\(c636e5r1p1t8\\)" }, { "model": "mate 10 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.159\\(c636e2r1p13t8\\)" }, { "model": "mate 10 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.167\\(c00e87r2p15t8\\)" }, { "model": "mate 10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.167\\(c00e85r2p20t8\\)" }, { "model": "honor 9i", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.106\\(sp53c636e2r1p4t8\\)" }, { "model": "mate 10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.0.0.177\\(c185e2r1p12t8\\)" }, { "model": "changxiang 7s", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "changxiang 8 plus", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "honor 9 lite", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "honor 9i", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "honor v10", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "mate 10 pro", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "mate 10", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "mate 9", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "p smart", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "y9 2018", "scope": null, "trust": 0.8, "vendor": "huawei", "version": null }, { "model": "mate pro \u003c9.0.0.167", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "10" }, { "model": "mate pro \u003c9.0.0.161", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "10" }, { "model": "honor \u003c9.0.0.156", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "v10" }, { "model": "changxiang 7s \u003c9.1.0.107", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "p-smart \u003c9.1.0.119", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "p-smart \u003c9.1.0.130", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "changxiang \u003c=9.1.0.111", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "y9 \u003c9.1.0.115", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "2018" }, { "model": "y9 \u003c9.1.0.120", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "2018" }, { "model": "honor lite \u003c9.1.0.113", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9" }, { "model": "honor lite \u003c9.1.0.121", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9" }, { "model": "honor 9i \u003c9.1.0.112", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "honor 9i \u003c9.1.0.106", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "mate \u003c9.0.1.158", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9" }, { "model": "mate \u003c9.0.1.159", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9" }, { "model": "mate \u003c9.0.0.167", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "10" }, { "model": "mate \u003c9.0.0.177", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "10" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36736" }, { "db": "JVNDB", "id": "JVNDB-2019-013432" }, { "db": "NVD", "id": "CVE-2019-5264" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.167\\(c00e85r2p20t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.159\\(c432e4r1p9t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.177\\(c185e2r1p12t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.159\\(c636e2r1p12t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_pro_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.167\\(c00e87r2p15t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10_pro:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_pro_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.159\\(c185e2r1p13t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10_pro:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_pro_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.161\\(c432e4r1p11t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10_pro:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_10_pro_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.159\\(c636e2r1p13t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_10_pro:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.156\\(c00e156r2p14t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.159\\(c432e4r1p9t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.0.159\\(c636e3r1p12t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:changxiang_7s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.107\\(c00e107r2p8t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:changxiang_7s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:p-smart_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.119\\(c636e5r1p1t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:p-smart:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:p-smart_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.130\\(c432e8r1p5t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:p-smart:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:changxiang_8_plus_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.111\\(c00e111r1p6t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:changxiang_8_plus:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:y9_2018_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.115\\(c432e5r1p1t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:y9_2018:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:y9_2018_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.120\\(c636e5r1p1t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:y9_2018:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.113\\(c00e111r2p10t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.118\\(c636e4r1p1t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.118\\(c185e4r1p4t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.121\\(c432e4r1p3t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_9i_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.121\\(c432e4r1p3t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_9i:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_9i_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.1.0.106\\(sp53c636e2r1p4t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_9i:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.1.158\\(c432e6r1p8t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.0.1.159\\(c636e6r1p8t8\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-5264" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vulnerability was reported to Huawei by security researcher Fan Yuchen PSIRT . Huawei thanks Fan Yuzheng for cooperating with us to disclose the vulnerability to protect Huawei\u0027s customers.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201912-552" } ], "trust": 0.6 }, "cve": "CVE-2019-5264", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 2.1, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2019-5264", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Low", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CNVD-2020-36736", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 0.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Physical", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.6, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-5264", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-5264", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2020-36736", "trust": 0.6, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-201912-552", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36736" }, { "db": "JVNDB", "id": "JVNDB-2019-013432" }, { "db": "NVD", "id": "CVE-2019-5264" }, { "db": "CNNVD", "id": "CNNVD-201912-552" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure. Huawei Mate 9 and other products are products of China\u0027s Huawei. Huawei Mate 9 is a smartphone. Huawei Mate 10 is a smartphone product of Huawei. Honor 9 Lite is a smartphone. The vulnerability stems from the system\u0027s improper handling of application information with an application lock set in a specific scenario that rarely occurs", "sources": [ { "db": "NVD", "id": "CVE-2019-5264" }, { "db": "JVNDB", "id": "JVNDB-2019-013432" }, { "db": "CNVD", "id": "CNVD-2020-36736" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-5264", "trust": 3.0 }, { "db": "JVNDB", "id": "JVNDB-2019-013432", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-36736", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201912-552", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36736" }, { "db": "JVNDB", "id": "JVNDB-2019-013432" }, { "db": "NVD", "id": "CVE-2019-5264" }, { "db": "CNNVD", "id": "CNNVD-201912-552" } ] }, "id": "VAR-201912-0062", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-36736" } ], "trust": 1.3082753854545452 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36736" } ] }, "last_update_date": "2023-12-18T13:23:29.531000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20191211-01-smartphone", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en" }, { "title": "Patch for Multiple Huawei product information disclosure vulnerabilities (CNVD-2020-36736)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/224731" }, { "title": "Multiple Huawei Product information disclosure vulnerability repair measures", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=105742" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36736" }, { "db": "JVNDB", "id": "JVNDB-2019-013432" }, { "db": "CNNVD", "id": "CNNVD-201912-552" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-200", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-013432" }, { "db": "NVD", "id": "CVE-2019-5264" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5264" }, { "trust": 1.2, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191211-01-smartphone-cn" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5264" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-36736" }, { "db": "JVNDB", "id": "JVNDB-2019-013432" }, { "db": "NVD", "id": "CVE-2019-5264" }, { "db": "CNNVD", "id": "CNNVD-201912-552" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-36736" }, { "db": "JVNDB", "id": "JVNDB-2019-013432" }, { "db": "NVD", "id": "CVE-2019-5264" }, { "db": "CNNVD", "id": "CNNVD-201912-552" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-07-07T00:00:00", "db": "CNVD", "id": "CNVD-2020-36736" }, { "date": "2020-01-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-013432" }, { "date": "2019-12-13T23:15:12.050000", "db": "NVD", "id": "CVE-2019-5264" }, { "date": "2019-12-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201912-552" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-07-07T00:00:00", "db": "CNVD", "id": "CNVD-2020-36736" }, { "date": "2020-01-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-013432" }, { "date": "2020-08-24T17:37:01.140000", "db": "NVD", "id": "CVE-2019-5264" }, { "date": "2020-08-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201912-552" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Huawei Information disclosure vulnerabilities in smartphone products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-013432" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201912-552" } ], "trust": 0.6 } }
var-202002-0575
Vulnerability from variot
Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4) have an out of bounds write vulnerability. The software writes data past the end of the intended buffer because of insufficient validation of certain parameter when initializing certain driver program. An attacker could trick the user into installing a malicious application, successful exploit could cause the device to reboot. Huawei Honor V10 is a smartphone product from China's Huawei. The vulnerability stems from insufficient verification of incoming parameters
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0575", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "honor v10", "scope": "eq", "trust": 1.2, "vendor": "huawei", "version": null }, { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "bkl-l09_10.0.0.146\\(c432e4r1p4\\)" }, { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "bkl-al20_10.0.0.156\\(c00e156r2p4\\)" }, { "model": "honor v10", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "bkl-al20 10.0.0.156(c00e156r2p4)" }, { "model": "honor v10", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "bkl-l09 10.0.0.146(c432e4r1p4)" }, { "model": "honor \u003cbkl-al20 10.0.0.156", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "v10" }, { "model": "honor \u003cbkl-l09 10.0.0.146", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "v10" }, { "model": "honor v10", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9.1.0.333c00e333r2p1t8" }, { "model": "honor v10", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9.0.0.159c636e3r1p12t8" }, { "model": "honor v10", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9.0.0.156c00e156r2p14t8" }, { "model": "honor v10", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9.1.0.351c432e5r1p13t8" }, { "model": "honor v10", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "9.0.0.159c432e4r1p9t8" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-14758" }, { "db": "JVNDB", "id": "JVNDB-2020-002386" }, { "db": "NVD", "id": "CVE-2020-1792" }, { "db": "CNNVD", "id": "CNNVD-202002-1246" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "bkl-al20_10.0.0.156\\(c00e156r2p4\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "bkl-l09_10.0.0.146\\(c432e4r1p4\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-1792" } ] }, "cve": "CVE-2020-1792", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 6.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 7.1, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2020-002386", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2020-14758", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 1.8, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2020-002386", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-1792", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "JVNDB-2020-002386", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2020-14758", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202002-1246", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-14758" }, { "db": "JVNDB", "id": "JVNDB-2020-002386" }, { "db": "NVD", "id": "CVE-2020-1792" }, { "db": "CNNVD", "id": "CNNVD-202002-1246" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4) have an out of bounds write vulnerability. The software writes data past the end of the intended buffer because of insufficient validation of certain parameter when initializing certain driver program. An attacker could trick the user into installing a malicious application, successful exploit could cause the device to reboot. Huawei Honor V10 is a smartphone product from China\u0027s Huawei. The vulnerability stems from insufficient verification of incoming parameters", "sources": [ { "db": "NVD", "id": "CVE-2020-1792" }, { "db": "JVNDB", "id": "JVNDB-2020-002386" }, { "db": "CNVD", "id": "CNVD-2020-14758" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-1792", "trust": 3.0 }, { "db": "JVNDB", "id": "JVNDB-2020-002386", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-14758", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202002-1246", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-14758" }, { "db": "JVNDB", "id": "JVNDB-2020-002386" }, { "db": "NVD", "id": "CVE-2020-1792" }, { "db": "CNNVD", "id": "CNNVD-202002-1246" } ] }, "id": "VAR-202002-0575", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-14758" } ], "trust": 1.4631467833333334 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-14758" } ] }, "last_update_date": "2023-12-18T13:56:23.063000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20200219-02-firewall", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-firewall-en" }, { "title": "Patch for Huawei Honor V10 buffer overflow vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/206185" }, { "title": "Huawei Honor V10 Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=110820" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-14758" }, { "db": "JVNDB", "id": "JVNDB-2020-002386" }, { "db": "CNNVD", "id": "CNNVD-202002-1246" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-002386" }, { "db": "NVD", "id": "CVE-2020-1792" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1792" }, { "trust": 1.6, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200226-01-smartphone-en" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1792" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200226-01-smartphone-cn" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-14758" }, { "db": "JVNDB", "id": "JVNDB-2020-002386" }, { "db": "NVD", "id": "CVE-2020-1792" }, { "db": "CNNVD", "id": "CNNVD-202002-1246" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-14758" }, { "db": "JVNDB", "id": "JVNDB-2020-002386" }, { "db": "NVD", "id": "CVE-2020-1792" }, { "db": "CNNVD", "id": "CNNVD-202002-1246" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-03-01T00:00:00", "db": "CNVD", "id": "CNVD-2020-14758" }, { "date": "2020-03-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-002386" }, { "date": "2020-02-28T19:15:11.297000", "db": "NVD", "id": "CVE-2020-1792" }, { "date": "2020-02-26T00:00:00", "db": "CNNVD", "id": "CNNVD-202002-1246" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-03-01T00:00:00", "db": "CNVD", "id": "CNVD-2020-14758" }, { "date": "2020-03-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-002386" }, { "date": "2020-03-04T15:47:08.787000", "db": "NVD", "id": "CVE-2020-1792" }, { "date": "2020-03-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202002-1246" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202002-1246" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Honor V10 Out-of-bounds writing vulnerabilities on smartphones", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-002386" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202002-1246" } ], "trust": 0.6 } }
var-202004-0958
Vulnerability from variot
Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 1 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1805 and CVE-2020-1806. This vulnerability is CVE-2020-1805 and CVE-2020-1806 Is a different vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. The vulnerability stems from a driver not fully verifying the received parameters
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0958", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.0.156\\(c00e156r2p4\\)" }, { "model": "honor v10", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.0.156(c00e156r2p4)" }, { "model": "honor \u003c10.0.0.156", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "v10" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": null }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.0.0.156(c00e156r2p14t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.0.0.159(c432e4r1p9t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.0.0.159(c636e3r1p12t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.1.0.333(c00e333r2p1t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.1.0.351(c432e5r1p13t8)" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27112" }, { "db": "VULMON", "id": "CVE-2020-1804" }, { "db": "JVNDB", "id": "JVNDB-2020-004906" }, { "db": "NVD", "id": "CVE-2020-1804" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.0.156\\(c00e156r2p4\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-1804" } ] }, "cve": "CVE-2020-1804", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 4.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2020-004906", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2020-27112", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2020-1804", "impactScore": 4.9, "integrityImpact": "NONE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.2, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.1, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-004906", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-1804", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-004906", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-27112", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202004-1969", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2020-1804", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27112" }, { "db": "VULMON", "id": "CVE-2020-1804" }, { "db": "JVNDB", "id": "JVNDB-2020-004906" }, { "db": "NVD", "id": "CVE-2020-1804" }, { "db": "CNNVD", "id": "CNNVD-202004-1969" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 1 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1805 and CVE-2020-1806. This vulnerability is CVE-2020-1805 and CVE-2020-1806 Is a different vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. The vulnerability stems from a driver not fully verifying the received parameters", "sources": [ { "db": "NVD", "id": "CVE-2020-1804" }, { "db": "JVNDB", "id": "JVNDB-2020-004906" }, { "db": "CNVD", "id": "CNVD-2020-27112" }, { "db": "VULMON", "id": "CVE-2020-1804" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-1804", "trust": 3.1 }, { "db": "JVNDB", "id": "JVNDB-2020-004906", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-27112", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202004-1969", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2020-1804", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27112" }, { "db": "VULMON", "id": "CVE-2020-1804" }, { "db": "JVNDB", "id": "JVNDB-2020-004906" }, { "db": "NVD", "id": "CVE-2020-1804" }, { "db": "CNNVD", "id": "CNNVD-202004-1969" } ] }, "id": "VAR-202004-0958", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-27112" } ], "trust": 1.18944035 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27112" } ] }, "last_update_date": "2023-12-18T13:51:56.510000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20200422-02-smartphone", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" }, { "title": "Patch for Huawei Honor V10 Cross-Border Reading Vulnerability (CNVD-2020-27112)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/216735" }, { "title": "Huawei Honor V10 Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=116736" }, { "title": "Huawei Security Advisories: Security Advisory - Three Out of Bounds Vulnerabilities in Several Smartphones", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=710862441ad85228271816b080be03e9" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27112" }, { "db": "VULMON", "id": "CVE-2020-1804" }, { "db": "JVNDB", "id": "JVNDB-2020-004906" }, { "db": "CNNVD", "id": "CNNVD-202004-1969" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-125", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-004906" }, { "db": "NVD", "id": "CVE-2020-1804" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1804" }, { "trust": 1.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1804" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200422-02-smartphone-cn" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/125.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27112" }, { "db": "VULMON", "id": "CVE-2020-1804" }, { "db": "JVNDB", "id": "JVNDB-2020-004906" }, { "db": "NVD", "id": "CVE-2020-1804" }, { "db": "CNNVD", "id": "CNNVD-202004-1969" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-27112" }, { "db": "VULMON", "id": "CVE-2020-1804" }, { "db": "JVNDB", "id": "JVNDB-2020-004906" }, { "db": "NVD", "id": "CVE-2020-1804" }, { "db": "CNNVD", "id": "CNNVD-202004-1969" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-05-08T00:00:00", "db": "CNVD", "id": "CNVD-2020-27112" }, { "date": "2020-04-27T00:00:00", "db": "VULMON", "id": "CVE-2020-1804" }, { "date": "2020-06-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-004906" }, { "date": "2020-04-27T15:15:12.907000", "db": "NVD", "id": "CVE-2020-1804" }, { "date": "2020-04-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-1969" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-05-08T00:00:00", "db": "CNVD", "id": "CNVD-2020-27112" }, { "date": "2020-05-01T00:00:00", "db": "VULMON", "id": "CVE-2020-1804" }, { "date": "2020-06-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-004906" }, { "date": "2020-05-01T14:29:03.617000", "db": "NVD", "id": "CVE-2020-1804" }, { "date": "2020-05-06T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-1969" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-1969" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Huawei Honor V10 Out-of-bounds read vulnerabilities on smartphones", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-004906" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-1969" } ], "trust": 0.6 } }
var-202004-0960
Vulnerability from variot
Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 3 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1805. This vulnerability is CVE-2020-1804 and CVE-2020-1805 Is a different vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. The vulnerability stems from a driver not fully verifying the received parameters
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0960", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "honor v10", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "10.0.0.156\\(c00e156r2p4\\)" }, { "model": "honor v10", "scope": "eq", "trust": 0.8, "vendor": "huawei", "version": "10.0.0.156(c00e156r2p4)" }, { "model": "honor \u003c10.0.0.156", "scope": "eq", "trust": 0.6, "vendor": "huawei", "version": "v10" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": null }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.0.0.156(c00e156r2p14t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.0.0.159(c432e4r1p9t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.0.0.159(c636e3r1p12t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.1.0.333(c00e333r2p1t8)" }, { "model": "honor v10", "scope": "eq", "trust": 0.1, "vendor": "huawei", "version": "9.1.0.351(c432e5r1p13t8)" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27116" }, { "db": "VULMON", "id": "CVE-2020-1806" }, { "db": "JVNDB", "id": "JVNDB-2020-004653" }, { "db": "NVD", "id": "CVE-2020-1806" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.0.156\\(c00e156r2p4\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-1806" } ] }, "cve": "CVE-2020-1806", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 4.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2020-004653", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2020-27116", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2020-1806", "impactScore": 4.9, "integrityImpact": "NONE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.2, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.1, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-004653", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-1806", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-004653", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-27116", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202004-1966", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2020-1806", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27116" }, { "db": "VULMON", "id": "CVE-2020-1806" }, { "db": "JVNDB", "id": "JVNDB-2020-004653" }, { "db": "NVD", "id": "CVE-2020-1806" }, { "db": "CNNVD", "id": "CNNVD-202004-1966" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 3 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1805. This vulnerability is CVE-2020-1804 and CVE-2020-1805 Is a different vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. The vulnerability stems from a driver not fully verifying the received parameters", "sources": [ { "db": "NVD", "id": "CVE-2020-1806" }, { "db": "JVNDB", "id": "JVNDB-2020-004653" }, { "db": "CNVD", "id": "CNVD-2020-27116" }, { "db": "VULMON", "id": "CVE-2020-1806" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-1806", "trust": 3.1 }, { "db": "JVNDB", "id": "JVNDB-2020-004653", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2020-27116", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202004-1966", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2020-1806", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27116" }, { "db": "VULMON", "id": "CVE-2020-1806" }, { "db": "JVNDB", "id": "JVNDB-2020-004653" }, { "db": "NVD", "id": "CVE-2020-1806" }, { "db": "CNNVD", "id": "CNNVD-202004-1966" } ] }, "id": "VAR-202004-0960", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2020-27116" } ], "trust": 1.18944035 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "IoT" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27116" } ] }, "last_update_date": "2023-12-18T13:01:47.069000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "huawei-sa-20200422-02-smartphone", "trust": 0.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" }, { "title": "Patch for Huawei Honor V10 Cross-Border Reading Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/216729" }, { "title": "Huawei Honor V10 Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=116733" }, { "title": "Huawei Security Advisories: Security Advisory - Three Out of Bounds Vulnerabilities in Several Smartphones", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=710862441ad85228271816b080be03e9" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27116" }, { "db": "VULMON", "id": "CVE-2020-1806" }, { "db": "JVNDB", "id": "JVNDB-2020-004653" }, { "db": "CNNVD", "id": "CNNVD-202004-1966" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-125", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-004653" }, { "db": "NVD", "id": "CVE-2020-1806" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1806" }, { "trust": 1.8, "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1806" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200422-02-smartphone-cn" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/125.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-27116" }, { "db": "VULMON", "id": "CVE-2020-1806" }, { "db": "JVNDB", "id": "JVNDB-2020-004653" }, { "db": "NVD", "id": "CVE-2020-1806" }, { "db": "CNNVD", "id": "CNNVD-202004-1966" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2020-27116" }, { "db": "VULMON", "id": "CVE-2020-1806" }, { "db": "JVNDB", "id": "JVNDB-2020-004653" }, { "db": "NVD", "id": "CVE-2020-1806" }, { "db": "CNNVD", "id": "CNNVD-202004-1966" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-05-08T00:00:00", "db": "CNVD", "id": "CNVD-2020-27116" }, { "date": "2020-04-27T00:00:00", "db": "VULMON", "id": "CVE-2020-1806" }, { "date": "2020-05-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-004653" }, { "date": "2020-04-27T15:15:13.017000", "db": "NVD", "id": "CVE-2020-1806" }, { "date": "2020-04-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-1966" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-05-08T00:00:00", "db": "CNVD", "id": "CNVD-2020-27116" }, { "date": "2020-04-30T00:00:00", "db": "VULMON", "id": "CVE-2020-1806" }, { "date": "2020-05-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-004653" }, { "date": "2020-04-30T19:30:50.007000", "db": "NVD", "id": "CVE-2020-1806" }, { "date": "2020-05-06T00:00:00", "db": "CNNVD", "id": "CNNVD-202004-1966" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-1966" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Huawei Honor V10 Out-of-bounds read vulnerabilities on smartphones", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-004653" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202004-1966" } ], "trust": 0.6 } }
cve-2020-1805
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T06:46:30.907Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Honor V10", "vendor": "Huawei", "versions": [ { "status": "affected", "version": "Versions earlier than 10.0.0.156(C00E156R2P4)" } ] } ], "descriptions": [ { "lang": "en", "value": "Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 2 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1806." } ], "problemTypes": [ { "descriptions": [ { "description": "Three Out of Bounds", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-27T14:50:17", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-1805", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Honor V10", "version": { "version_data": [ { "version_value": "Versions earlier than 10.0.0.156(C00E156R2P4)" } ] } } ] }, "vendor_name": "Huawei" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 2 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1806." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Three Out of Bounds" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en", "refsource": "CONFIRM", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-1805", "datePublished": "2020-04-27T14:50:17", "dateReserved": "2019-11-29T00:00:00", "dateUpdated": "2024-08-04T06:46:30.907Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-1806
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T06:46:30.950Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Honor V10", "vendor": "Huawei", "versions": [ { "status": "affected", "version": "Versions earlier than 10.0.0.156(C00E156R2P4)" } ] } ], "descriptions": [ { "lang": "en", "value": "Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 3 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1805." } ], "problemTypes": [ { "descriptions": [ { "description": "Three Out of Bounds", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-27T14:52:06", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-1806", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Honor V10", "version": { "version_data": [ { "version_value": "Versions earlier than 10.0.0.156(C00E156R2P4)" } ] } } ] }, "vendor_name": "Huawei" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 3 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1805." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Three Out of Bounds" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en", "refsource": "CONFIRM", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-1806", "datePublished": "2020-04-27T14:52:06", "dateReserved": "2019-11-29T00:00:00", "dateUpdated": "2024-08-04T06:46:30.950Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-5295
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190131-01-phone-en | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T19:54:53.234Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190131-01-phone-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Honor V10", "vendor": "Huawei", "versions": [ { "status": "affected", "version": "Versions earlier than Berkeley-AL20 9.0.0.125(C00E125R2P14T8)" } ] } ], "datePublic": "2019-01-31T00:00:00", "descriptions": [ { "lang": "en", "value": "Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.125(C00E125R2P14T8) have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This vulnerability can be exploited to perform operations beyond the scope of authorization." } ], "problemTypes": [ { "descriptions": [ { "description": "authorization bypass", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-06T14:39:27", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190131-01-phone-en" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "ID": "CVE-2019-5295", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Honor V10", "version": { "version_data": [ { "version_value": "Versions earlier than Berkeley-AL20 9.0.0.125(C00E125R2P14T8)" } ] } } ] }, "vendor_name": "Huawei" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.125(C00E125R2P14T8) have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This vulnerability can be exploited to perform operations beyond the scope of authorization." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "authorization bypass" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190131-01-phone-en", "refsource": "CONFIRM", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190131-01-phone-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2019-5295", "datePublished": "2019-06-06T14:39:27", "dateReserved": "2019-01-04T00:00:00", "dateUpdated": "2024-08-04T19:54:53.234Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-1804
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T06:46:30.926Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Honor V10", "vendor": "Huawei", "versions": [ { "status": "affected", "version": "Versions earlier than 10.0.0.156(C00E156R2P4)" } ] } ], "descriptions": [ { "lang": "en", "value": "Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 1 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1805 and CVE-2020-1806." } ], "problemTypes": [ { "descriptions": [ { "description": "Three Out of Bounds", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-27T14:48:54", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@huawei.com", "ID": "CVE-2020-1804", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Honor V10", "version": { "version_data": [ { "version_value": "Versions earlier than 10.0.0.156(C00E156R2P4)" } ] } } ] }, "vendor_name": "Huawei" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 1 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1805 and CVE-2020-1806." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Three Out of Bounds" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en", "refsource": "CONFIRM", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-02-smartphone-en" } ] } } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-1804", "datePublished": "2020-04-27T14:48:54", "dateReserved": "2019-11-29T00:00:00", "dateUpdated": "2024-08-04T06:46:30.926Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }