Vulnerabilites related to huawei - emily-al00a_firmware
cve-2018-7925
Vulnerability from cvelistv5
Published
2018-11-13 19:00
Modified
2024-08-05 06:37
Severity ?
EPSS score ?
Summary
The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181105-01-smartphone-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei Technologies Co., Ltd. | Emily-AL00A |
Version: The versions before 8.1.0.171(C00) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181105-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Emily-AL00A",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "The versions before 8.1.0.171(C00)"
}
]
}
],
"datePublic": "2018-11-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "lock-screen bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-13T18:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181105-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Emily-AL00A",
"version": {
"version_data": [
{
"version_value": "The versions before 8.1.0.171(C00)"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "lock-screen bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181105-01-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181105-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2018-7925",
"datePublished": "2018-11-13T19:00:00",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-08-05T06:37:59.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7947
Vulnerability from cvelistv5
Published
2018-07-31 14:00
Modified
2024-08-05 06:37
Severity ?
EPSS score ?
Summary
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180720-01-mobile-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei Technologies Co., Ltd. | Emily-AL00A |
Version: Versions earlier before 8.1.0.153(C00) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.881Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180720-01-mobile-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Emily-AL00A",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Versions earlier before 8.1.0.153(C00)"
}
]
}
],
"datePublic": "2018-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-31T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180720-01-mobile-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7947",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Emily-AL00A",
"version": {
"version_data": [
{
"version_value": "Versions earlier before 8.1.0.153(C00)"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180720-01-mobile-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180720-01-mobile-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2018-7947",
"datePublished": "2018-07-31T14:00:00",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-08-05T06:37:59.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7944
Vulnerability from cvelistv5
Published
2018-07-05 18:00
Modified
2024-08-05 06:37
Severity ?
EPSS score ?
Summary
Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP function and use the phone normally.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180622-01-bypass-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei Technologies Co., Ltd. | Emily-AL00A |
Version: 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.713Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180622-01-bypass-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Emily-AL00A",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "8.1.0.106(SP2C00) and 8.1.0.107(SP5C00)"
}
]
}
],
"datePublic": "2018-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user\u0027s smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP function and use the phone normally."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Factory Reset Protection (FRP) bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-05T17:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180622-01-bypass-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7944",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Emily-AL00A",
"version": {
"version_data": [
{
"version_value": "8.1.0.106(SP2C00) and 8.1.0.107(SP5C00)"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user\u0027s smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP function and use the phone normally."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Factory Reset Protection (FRP) bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180622-01-bypass-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180622-01-bypass-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2018-7944",
"datePublished": "2018-07-05T18:00:00",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-08-05T06:37:59.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7911
Vulnerability from cvelistv5
Published
2018-10-23 14:00
Modified
2024-08-05 06:37
Severity ?
EPSS score ?
Summary
Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Gaode Map and can perform some operations to update the Google account. As a result, the FRP function is bypassed.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180822-01-frpbypass-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei Technologies Co., Ltd. | ALP-AL00B, ALP-AL00B-RSC, BLA-TL00B, Charlotte-AL00A, Emily-AL00A, |
Version: ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180822-01-frpbypass-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ALP-AL00B, ALP-AL00B-RSC, BLA-TL00B, Charlotte-AL00A, Emily-AL00A,",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00)"
}
]
}
],
"datePublic": "2018-08-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Gaode Map and can perform some operations to update the Google account. As a result, the FRP function is bypassed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "FRP bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-23T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180822-01-frpbypass-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ALP-AL00B, ALP-AL00B-RSC, BLA-TL00B, Charlotte-AL00A, Emily-AL00A,",
"version": {
"version_data": [
{
"version_value": "ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00)"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Gaode Map and can perform some operations to update the Google account. As a result, the FRP function is bypassed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "FRP bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180822-01-frpbypass-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180822-01-frpbypass-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2018-7911",
"datePublished": "2018-10-23T14:00:00",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-08-05T06:37:59.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5282
Vulnerability from cvelistv5
Published
2019-11-13 13:28
Modified
2024-08-04 19:54
Severity ?
EPSS score ?
Summary
Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Emily-AL00A, Emily-TL00B, Emily-L09C, Emily-L29C |
Version: Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:51.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Emily-AL00A, Emily-TL00B, Emily-L09C, Emily-L29C",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Double Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-13T13:28:07",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Emily-AL00A, Emily-TL00B, Emily-L09C, Emily-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Double Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-smartphone-en",
"refsource": "MISC",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5282",
"datePublished": "2019-11-13T13:28:07",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:51.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7961
Vulnerability from cvelistv5
Published
2018-11-27 22:00
Modified
2024-08-05 06:37
Severity ?
EPSS score ?
Summary
There is a smart SMS verification code vulnerability in some Huawei smart phones. An attacker should trick a user to access malicious Website or malicious App and register. Due to incorrect processing of the smart SMS verification code, successful exploitation can cause sensitive information leak.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-02-smartphone-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei Technologies Co., Ltd. | Emily-AL00A |
Version: 8.1.0.167(C00) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-02-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Emily-AL00A",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "8.1.0.167(C00)"
}
]
}
],
"datePublic": "2018-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is a smart SMS verification code vulnerability in some Huawei smart phones. An attacker should trick a user to access malicious Website or malicious App and register. Due to incorrect processing of the smart SMS verification code, successful exploitation can cause sensitive information leak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information leakage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-27T21:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-02-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Emily-AL00A",
"version": {
"version_data": [
{
"version_value": "8.1.0.167(C00)"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a smart SMS verification code vulnerability in some Huawei smart phones. An attacker should trick a user to access malicious Website or malicious App and register. Due to incorrect processing of the smart SMS verification code, successful exploitation can cause sensitive information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-02-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-02-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2018-7961",
"datePublished": "2018-11-27T22:00:00",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-08-05T06:37:59.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5235
Vulnerability from cvelistv5
Published
2019-12-13 23:09
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B |
Version: Version Version: 9.1.0.206(C00E205R3P1) Version: 9.0.1.5(C735R1) Version: 9.1.0.1(C00R3) Version: 9.1.0.206 Version: 9.0.1.162(C01E160R2P3) Version: 8.2.0.170(C861) Version: 8.2.0.188(C00R2P1) Version: 8.2.0.163(C605) Version: 8.2.0.160(C185) Version: 8.2.0.156(C636R2P2) Version: 8.2.0.152(C45CUSTC45D1) Version: 8.2.0.162(C605) Version: 8.2.0.175(C00R2P4) Version: 8.2.0.190(C788R1P16) Version: 8.2.0.161(C675CUSTC675D1) Version: 8.2.0.165(C00R1P16) Version: 8.2.0.130(C461R1P1) Version: 8.2.0.130(C652CUSTC652D1) Version: 8.2.0.131(C10R2P2) Version: 8.2.0.136(C432CUSTC432D1) Version: 8.2.0.101(C10CUSTC10D1) Version: 8.2.0.101(C432CUSTC432D1) Version: 8.2.0.131(C55CUSTC55D1) Version: 8.2.0.105(C185R1P1) Version: 8.2.0.107(C636R2P1) Version: 8.2.0.103(C652CUSTC652D1) Version: 8.2.0.105(C185R2P1) Version: 8.2.0.130(C636CUSTC636D2) Version: 8.2.0.133(C605CUSTC605D1) Version: 8.2.0.155(C675R2P1) Version: 8.2.0.110(C652CUSTC652D1) Version: 8.2.0.100(C541CUSTC541D1) Version: 8.2.0.165(C01R1P16) Version: 9.1.0.208(C00E205R3P1) Version: 9.1.0.162(C00E160R2P1) Version: 9.1.0.12(C00R1) Version: 9.1.0.4(C735R1) Version: 9.1.0.162 Version: 9.1.0.161 Version: 9.1.0.162(C01E160R2P1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version"
},
{
"status": "affected",
"version": "9.1.0.206(C00E205R3P1)"
},
{
"status": "affected",
"version": "9.0.1.5(C735R1)"
},
{
"status": "affected",
"version": "9.1.0.1(C00R3)"
},
{
"status": "affected",
"version": "9.1.0.206"
},
{
"status": "affected",
"version": "9.0.1.162(C01E160R2P3)"
},
{
"status": "affected",
"version": "8.2.0.170(C861)"
},
{
"status": "affected",
"version": "8.2.0.188(C00R2P1)"
},
{
"status": "affected",
"version": "8.2.0.163(C605)"
},
{
"status": "affected",
"version": "8.2.0.160(C185)"
},
{
"status": "affected",
"version": "8.2.0.156(C636R2P2)"
},
{
"status": "affected",
"version": "8.2.0.152(C45CUSTC45D1)"
},
{
"status": "affected",
"version": "8.2.0.162(C605)"
},
{
"status": "affected",
"version": "8.2.0.175(C00R2P4)"
},
{
"status": "affected",
"version": "8.2.0.190(C788R1P16)"
},
{
"status": "affected",
"version": "8.2.0.161(C675CUSTC675D1)"
},
{
"status": "affected",
"version": "8.2.0.165(C00R1P16)"
},
{
"status": "affected",
"version": "8.2.0.130(C461R1P1)"
},
{
"status": "affected",
"version": "8.2.0.130(C652CUSTC652D1)"
},
{
"status": "affected",
"version": "8.2.0.131(C10R2P2)"
},
{
"status": "affected",
"version": "8.2.0.136(C432CUSTC432D1)"
},
{
"status": "affected",
"version": "8.2.0.101(C10CUSTC10D1)"
},
{
"status": "affected",
"version": "8.2.0.101(C432CUSTC432D1)"
},
{
"status": "affected",
"version": "8.2.0.131(C55CUSTC55D1)"
},
{
"status": "affected",
"version": "8.2.0.105(C185R1P1)"
},
{
"status": "affected",
"version": "8.2.0.107(C636R2P1)"
},
{
"status": "affected",
"version": "8.2.0.103(C652CUSTC652D1)"
},
{
"status": "affected",
"version": "8.2.0.105(C185R2P1)"
},
{
"status": "affected",
"version": "8.2.0.130(C636CUSTC636D2)"
},
{
"status": "affected",
"version": "8.2.0.133(C605CUSTC605D1)"
},
{
"status": "affected",
"version": "8.2.0.155(C675R2P1)"
},
{
"status": "affected",
"version": "8.2.0.110(C652CUSTC652D1)"
},
{
"status": "affected",
"version": "8.2.0.100(C541CUSTC541D1)"
},
{
"status": "affected",
"version": "8.2.0.165(C01R1P16)"
},
{
"status": "affected",
"version": "9.1.0.208(C00E205R3P1)"
},
{
"status": "affected",
"version": "9.1.0.162(C00E160R2P1)"
},
{
"status": "affected",
"version": "9.1.0.12(C00R1)"
},
{
"status": "affected",
"version": "9.1.0.4(C735R1)"
},
{
"status": "affected",
"version": "9.1.0.162"
},
{
"status": "affected",
"version": "9.1.0.161"
},
{
"status": "affected",
"version": "9.1.0.162(C01E160R2P1)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "null pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T23:09:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Harry-AL00C, Harry-AL00C-PRELOAD, Harry-AL10B, Harry-LGRP1-CHN, Harry-TL00C, Jackman-AL00D, Jackman-L03, Jackman-L21, Jackman-L22, Jackman-L23, Johnson-AL00C, Johnson-AL00IC, Johnson-AL10C, Johnson-L21C, Johnson-L21D, Johnson-L22C, Johnson-L22D, Johnson-L23C, Johnson-L42IC, Johnson-L42IE, Johnson-L42IF, Johnson-TL00D, Johnson-TL00F, Potter-AL00C, Potter-AL10A, VOGUE-AL00A, VOGUE-AL00A-PRELOAD, VOGUE-AL10C, VOGUE-AL10C-PRELOAD, VOGUE-LGRP1-CHN, VOGUE-LGRP2-OVS, VOGUE-TL00B",
"version": {
"version_data": [
{
"version_value": "Version"
},
{
"version_value": "9.1.0.206(C00E205R3P1)"
},
{
"version_value": "9.0.1.5(C735R1)"
},
{
"version_value": "9.1.0.1(C00R3)"
},
{
"version_value": "9.1.0.206(C00E205R3P1)"
},
{
"version_value": "9.1.0.206"
},
{
"version_value": "9.0.1.162(C01E160R2P3)"
},
{
"version_value": "8.2.0.170(C861)"
},
{
"version_value": "8.2.0.188(C00R2P1)"
},
{
"version_value": "8.2.0.163(C605)"
},
{
"version_value": "8.2.0.160(C185)"
},
{
"version_value": "8.2.0.156(C636R2P2)"
},
{
"version_value": "8.2.0.152(C45CUSTC45D1)"
},
{
"version_value": "8.2.0.162(C605)"
},
{
"version_value": "8.2.0.175(C00R2P4)"
},
{
"version_value": "8.2.0.190(C788R1P16)"
},
{
"version_value": "8.2.0.161(C675CUSTC675D1)"
},
{
"version_value": "8.2.0.165(C00R1P16)"
},
{
"version_value": "8.2.0.130(C461R1P1)"
},
{
"version_value": "8.2.0.130(C652CUSTC652D1)"
},
{
"version_value": "8.2.0.131(C10R2P2)"
},
{
"version_value": "8.2.0.136(C432CUSTC432D1)"
},
{
"version_value": "8.2.0.101(C10CUSTC10D1)"
},
{
"version_value": "8.2.0.101(C432CUSTC432D1)"
},
{
"version_value": "8.2.0.131(C55CUSTC55D1)"
},
{
"version_value": "8.2.0.105(C185R1P1)"
},
{
"version_value": "8.2.0.107(C636R2P1)"
},
{
"version_value": "8.2.0.103(C652CUSTC652D1)"
},
{
"version_value": "8.2.0.105(C185R2P1)"
},
{
"version_value": "8.2.0.107(C636R2P1)"
},
{
"version_value": "8.2.0.130(C636CUSTC636D2)"
},
{
"version_value": "8.2.0.133(C605CUSTC605D1)"
},
{
"version_value": "8.2.0.155(C675R2P1)"
},
{
"version_value": "8.2.0.155(C675R2P1)"
},
{
"version_value": "8.2.0.110(C652CUSTC652D1)"
},
{
"version_value": "8.2.0.155(C675R2P1)"
},
{
"version_value": "8.2.0.100(C541CUSTC541D1)"
},
{
"version_value": "8.2.0.165(C01R1P16)"
},
{
"version_value": "8.2.0.100(C541CUSTC541D1)"
},
{
"version_value": "9.1.0.208(C00E205R3P1)"
},
{
"version_value": "9.1.0.208(C00E205R3P1)"
},
{
"version_value": "9.1.0.162(C00E160R2P1)"
},
{
"version_value": "9.1.0.12(C00R1)"
},
{
"version_value": "9.1.0.4(C735R1)"
},
{
"version_value": "9.1.0.162(C00E160R2P1)"
},
{
"version_value": "9.1.0.12(C00R1)"
},
{
"version_value": "9.1.0.162"
},
{
"version_value": "9.1.0.161"
},
{
"version_value": "9.1.0.162(C01E160R2P1)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "null pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5235",
"datePublished": "2019-12-13T23:09:32",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-07-05 18:29
Modified
2024-11-21 04:13
Severity ?
Summary
Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP function and use the phone normally.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | emily-al00a_firmware | 8.1.0.106\(sp2c00\) | |
| huawei | emily-al00a_firmware | 8.1.0.107\(sp5c00\) | |
| huawei | emily-al00a | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.106\\(sp2c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2385EEAB-9B82-4461-AE30-4B5E639A3A9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.107\\(sp5c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11B6FE85-304B-4992-AA0C-0AD91AF057F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC84A74-7F01-4434-896C-B9B595984F23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user\u0027s smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP function and use the phone normally."
},
{
"lang": "es",
"value": "Los smartphones Huawei con software Emily-AL00A en versiones 8.1.0.106(SP2C00) y 8.1.0.107(SP5C00) tienen una vulnerabilidad de omisi\u00f3n de Factory Reset Protection (FRP). Un atacante obtiene el smartphone de un usuario y realiza algunas operaciones especiales en la funci\u00f3n guide. Un atacante podr\u00eda explotar esta vulnerabilidad para omitir la funci\u00f3n FRP y emplear el tel\u00e9fono de forma normal."
}
],
"id": "CVE-2018-7944",
"lastModified": "2024-11-21T04:13:00.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-05T18:29:00.737",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180622-01-bypass-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180622-01-bypass-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-31 14:29
Modified
2024-11-21 04:13
Severity ?
Summary
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | emily-al00a_firmware | * | |
| huawei | emily-al00a | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C89D2623-A661-4837-B0DC-BEC6802B8895",
"versionEndExcluding": "8.1.0.153\\(c00\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC84A74-7F01-4434-896C-B9B595984F23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones."
},
{
"lang": "es",
"value": "Los tel\u00e9fonos m\u00f3viles Huawei con versiones anteriores a Emily-AL00A 8.1.0.153(C00) tienen una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n. Un atacante puede enga\u00f1ar a un usuario para que se conecte a un dispositivo malicioso. En el modo de depuraci\u00f3n, el software malicioso en el dispositivo podr\u00eda explotar la vulnerabilidad para omitir algunas funciones espec\u00edficas. Su explotaci\u00f3n con \u00e9xito podr\u00eda provocar que algunas aplicaciones se instalen en los tel\u00e9fonos m\u00f3viles."
}
],
"id": "CVE-2018-7947",
"lastModified": "2024-11-21T04:13:00.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.5,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-31T14:29:00.980",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180720-01-mobile-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180720-01-mobile-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-27 22:29
Modified
2024-11-21 04:13
Severity ?
Summary
There is a smart SMS verification code vulnerability in some Huawei smart phones. An attacker should trick a user to access malicious Website or malicious App and register. Due to incorrect processing of the smart SMS verification code, successful exploitation can cause sensitive information leak.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | emily-al00a_firmware | 8.1.0.167\(c00\) | |
| huawei | emily-al00a | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.167\\(c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E4898089-E9F4-4E63-A563-0B07105A3339",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC84A74-7F01-4434-896C-B9B595984F23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a smart SMS verification code vulnerability in some Huawei smart phones. An attacker should trick a user to access malicious Website or malicious App and register. Due to incorrect processing of the smart SMS verification code, successful exploitation can cause sensitive information leak."
},
{
"lang": "es",
"value": "Hay una vulnerabilidad de verificaci\u00f3n de c\u00f3digo SMS en algunos smartphones Huawei. Un atacante deber\u00eda enga\u00f1ar a un usuario para que acceda a un sitio web malicioso o a una aplicaci\u00f3n y registro maliciosos. Debido al procesamiento incorrecto del c\u00f3digo de verificaci\u00f3n de SMS, su explotaci\u00f3n exitosa puede provocar un filtrado de informaci\u00f3n sensible."
}
],
"id": "CVE-2018-7961",
"lastModified": "2024-11-21T04:13:01.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-27T22:29:00.430",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-02-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181121-02-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-13 14:15
Modified
2024-11-21 04:44
Severity ?
Summary
Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96618503-F4A9-4D28-8F2F-7E100BA1DD5A",
"versionEndExcluding": "emily-al00a_9.0.0.182\\(c00e82r1p21\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC84A74-7F01-4434-896C-B9B595984F23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-tl00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEAD8FD1-2AF8-4A61-85B7-B6998B0CF2C2",
"versionEndExcluding": "emily-tl00b_9.0.0.182\\(c01e82r1p21\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "010C3645-3C82-47F0-908C-9B4CFFC503CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F445225-2435-4A85-AD1C-80B6FC1A5CF6",
"versionEndExcluding": "emily-l09c_9.0.0.203\\(c432e7r1p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "048BEA40-729F-4969-98D9-C3D6FBC0E70C",
"versionEndExcluding": "emily-l29c_9.0.0.203\\(c432e7r1p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF69329-581F-465F-90D5-5ED8B9D7FA8D",
"versionEndExcluding": "emily-l29c_9.0.0.202\\(c185e2r1p12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "734685B2-3F5D-4D7D-B629-47E4AEDF6344",
"versionEndExcluding": "emily-l29c_9.0.0.207\\(c636e7r1p13\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53B7C6A9-96A6-4694-8592-F60453A14F4B",
"versionEndExcluding": "emily-l29c_9.0.0.205\\(c635e2r1p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hima-l09ca_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3901CB80-49CF-4444-9D45-FCA1CAE86283",
"versionEndExcluding": "hima-l09ca_9.0.0.198\\(c432e10r1p16\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hima-l09ca:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77D87F4E-CF65-4AFE-90EC-B5492955AE40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hima-l29ca_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "503B6836-F944-4E87-9E7C-D2A4DCC1F5F7",
"versionEndExcluding": "hima-l29ca_9.0.0.198\\(c432e10r1p16\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hima-l29ca:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8867E2C6-DBD5-4631-B77F-068EF1E6D0F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2117F0CB-A6ED-4208-8376-0D6DC0992814",
"versionEndExcluding": "hima-l29c_9.0.0.204\\(c636e10r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366DC5C5-9276-4921-9ABD-92941B0CEE6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution."
},
{
"lang": "es",
"value": "El m\u00f3dulo Bastet de algunos tel\u00e9fonos inteligentes Huawei con versiones anteriores a Emily-AL00A 9.0.0.182(C00E82R1P21), versiones anteriores a Emily-TL00B 9.0.0.182(C01E82R1P21), versiones anteriores a Emily-L09C 9.0.0.203(C432E7R1P11), versiones anteriores a Emily-L29C 9.0.0.203 (C432E7R1P11), las versiones anteriores a Emily-L29C 9.0.0.202 (C185E2R1P12), presentan una vulnerabilidad de doble liberaci\u00f3n. Un atacante enga\u00f1a al usuario para que instale una aplicaci\u00f3n maliciosa, que se libera dos veces en la misma direcci\u00f3n de memoria. Una explotaci\u00f3n con \u00e9xito podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo malicioso."
}
],
"id": "CVE-2019-5282",
"lastModified": "2024-11-21T04:44:39.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-13T14:15:10.457",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-13 19:29
Modified
2024-11-21 04:12
Severity ?
Summary
The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | emily-al00a_firmware | * | |
| huawei | emily-al00a | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0819EE1B-2FAB-40B6-85C8-E3D3DF689205",
"versionEndExcluding": "8.1.0.171\\(c00\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC84A74-7F01-4434-896C-B9B595984F23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability."
},
{
"lang": "es",
"value": "El m\u00f3dulo radio de algunos smartphones Huawei Emily-AL00A en versiones anteriores a la 8.1.0.171(C00) tiene una vulnerabilidad de omisi\u00f3n de pantalla de bloqueo. Un atacante no autenticado podr\u00eda iniciar aplicaciones de m\u00e9todo de entrada de terceros mediante ciertas operaciones para omitir la pantalla de bloqueo explotando esta vulnerabilidad."
}
],
"id": "CVE-2018-7925",
"lastModified": "2024-11-21T04:12:58.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-13T19:29:00.430",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181105-01-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181105-01-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-14 00:15
Modified
2024-11-21 04:44
Severity ?
Summary
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.153\\(c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00A30EA6-84A9-4549-8CA5-5E3F833C4A46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA2B2F1-3D58-4DC7-AB7A-28BF8B282333",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-tl00b_firmware:8.0.0.129\\(sp2c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "19236304-3FC9-4377-B03E-5197CEA6A3A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7918CD6-341B-4FCC-BD31-30B8952192C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-al00b_firmware:8.0.0.129\\(sp2c786\\):*:*:*:*:*:*:*",
"matchCriteriaId": "99627A07-1127-4F96-B694-D2F4388BEF7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-al00b_firmware:8.0.0.153\\(c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E47AF090-F5FB-46CA-BEBA-7C465083CA72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B11D6D9B-335B-404C-88F3-590DF9E5D878",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.129\\(sp2c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE5185C7-F99C-471C-9718-CC08FFEA49A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAF02E9-8732-4E8E-8AA6-A422C200F9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.176\\(c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "332ABD26-1EC2-40E3-A329-481914DAA717",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9EFA36-508E-42A6-83A5-D94273265400",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-tl00b_firmware:8.1.0.176\\(c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B57C9502-D755-4431-A097-FD485794B133",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31979014-C70F-49E9-A37F-A2A622AE9252",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-al10b_firmware:8.1.0.163\\(c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80721EA2-C5AE-4BD0-877C-43BB508A462F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F63CA2F-45B8-4DD3-81AE-8359929AE50B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-al10i_firmware:8.1.0.150\\(c675custc675d2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0119A5C2-D99B-43BE-A541-F067044866FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-al10i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFF16336-9CFE-4D67-852B-4C356E3C5951",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:8.1.0.146\\(c461\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EAB4D5D8-F919-403D-9209-63C06FD21923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:8.1.0.148\\(c185\\):*:*:*:*:*:*:*",
"matchCriteriaId": "920A33BF-DFDB-40A1-B893-3815C77A3751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:8.1.0.151\\(c10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF676A0A-0446-431B-81B3-E14149E1D764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:8.1.0.151\\(c432\\):*:*:*:*:*:*:*",
"matchCriteriaId": "004FB686-8DE9-4C7A-BEBE-F37043F50A67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-tl00d_firmware:8.1.0.186\\(c01gt\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7A6BCE3A-F806-48FE-8F22-FB77EA671584",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-tl00d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE1BB06-0403-4F46-AF76-DAD85D538907",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:elle-al00b_firmware:9.1.0.162\\(c00e160r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C3DEAC5-9F49-4967-BCD4-DCF58ACCBC61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:elle-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE97479-E4F0-4C87-B6EE-EE4AE685DE5A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:elle-tl00b_firmware:9.1.0.162\\(c01e160r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20316EA5-6D3C-4AC9-BBBB-621E12B4A437",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:elle-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678B1753-1005-489F-B30A-76C49803FA5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.190\\(c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4080BCCB-AE47-42D1-9570-989A20A2B0F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC84A74-7F01-4434-896C-B9B595984F23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-tl00b_firmware:8.1.0.175\\(c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2648D7A0-CE4D-4EAB-B571-407F46564D9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "010C3645-3C82-47F0-908C-9B4CFFC503CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ever-al00b_firmware:9.0.0.195\\(c00e195r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "66AEE44E-3E9A-45B5-9CB9-B9F0CDB4BE8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ever-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "264C7F11-D6CC-4DF7-8607-736179618A50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:9.0.0.206\\(c185e3r3p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AB598092-85FC-4E96-A870-ACC2EF592D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:9.0.0.207\\(c636e3r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD1835B9-E25A-41DB-BB2C-9DD3603D4025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:9.0.0.208\\(c432e3r1p12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33553334-B4C0-42D0-8185-FD4337F54011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB4EC14-14DE-4AAF-A951-071B4E39270A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harry-al00c_firmware:9.1.0.206\\(c00e205r3p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57CD42F9-7611-452E-AD1C-E14493A02A70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:harry-al00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF9FAC4-0A8C-463C-8E5C-64E33D145E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harry-al10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41532B6-FE2A-4174-B1AA-074F08B64DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harry-al10b_firmware:9.1.0.206\\(c00e205r3p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5395F144-E845-4AB2-A8AC-7A43BE3912A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:harry-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2BE361-1412-455E-A553-0CA9D14E4C1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harry-tl00c_firmware:9.0.1.162\\(c01e160r2p3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE8ADA57-076D-49BE-A354-25B95F1A676C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:harry-tl00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E31013C1-26DA-4A6D-BBD4-BF0630EEEB66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hima-al00b_firmware:9.0.0.200\\(c00e200r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5DEC5474-D927-456A-8F9D-C854BDB7F968",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hima-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0592A2-8087-4847-8586-04ED842960D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:jackman-l21_firmware:8.2.0.160\\(c185\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39F76953-3CB3-4CCF-A3A3-15267E9A49DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:jackman-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F105E1-6077-4FF3-8AD2-472A5DB68CA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:jackman-l22_firmware:8.2.0.156\\(c636r2p2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3CEC1CAE-7461-4A57-B31D-98C16167B2B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:jackman-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B99E236E-D36C-4FE9-93C2-10D01A3A7390",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:jackman-l23_firmware:8.2.0.152\\(c45custc45d1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "41A59832-A342-449F-B4DC-4D4305F62ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:jackman-l23_firmware:8.2.0.162\\(c605\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9085E680-5AD9-42C6-8DAF-EDEC1E64AC75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:jackman-l23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAB9A357-16B3-4CEE-B235-5B1E951D6719",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-al00ic_firmware:8.2.0.161\\(c675custc675d1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5D822874-5669-40AA-8113-7BEF544F80D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-al00ic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8844A56E-E1F2-4CD1-8E81-A4365CF10E41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-al10c_firmware:8.2.0.165\\(c00r1p16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "27F82E49-446A-4E37-B340-11A8BEA77EC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-al10c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "478E7A4C-C1EC-4D13-B06A-CA8E57C2690B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-l21c_firmware:8.2.0.130\\(c461r1p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "496C59DA-9104-4C6C-BBB6-6E522D98CF81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:johnson-l21c_firmware:8.2.0.131\\(c10r2p2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "24B9D430-FB96-45A3-A928-F7A7BCE4AFA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:johnson-l21c_firmware:8.2.0.136\\(c432custc432d1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B55EFA94-43FA-442D-9D75-189BFC2368BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-l21c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "067613ED-432F-457D-929E-238462AC53AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-l21d_firmware:8.2.0.101\\(c10custc10d1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "59A49059-37AB-448A-A5E4-592120B6F0DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:johnson-l21d_firmware:8.2.0.101\\(c432custc432d1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B554E747-6A9A-4EDC-A743-72891D34B4E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:johnson-l21d_firmware:8.2.0.131\\(c55custc55d1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC9F79F8-8042-429B-9329-91B631E6FD40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-l21d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFDAF471-1498-4856-9ECD-8FB3F809D01E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-l22c_firmware:8.2.0.105\\(c185r1p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3800398A-9704-4380-A329-D4911D73AB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:johnson-l22c_firmware:8.2.0.107\\(c636r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BA8F1D00-5BBF-43AD-8C92-D6FF6E5B2819",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-l22c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC60D552-5519-4020-9C45-E2EBC3700693",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-l22d_firmware:8.2.0.105\\(c185r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1455033B-FF7E-44B4-8ECF-250D961D4B49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:johnson-l22d_firmware:8.2.0.107\\(c636r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "636275C8-D825-4C66-BEFB-BB91BA8EB38D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-l22d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AB32655-E8FE-4058-B31C-052E609746C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-l23c_firmware:8.2.0.130\\(c636custc636d2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0309BA64-78C5-4790-84AC-AE38F9080F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:johnson-l23c_firmware:8.2.0.133\\(c605custc605d1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C0DC6487-720E-4722-A864-1FB7B5FB351C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-l23c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF62125-1E21-47BE-835A-61243E3F690F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-l42ic_firmware:8.2.0.155\\(c675r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A014F6CA-21F5-40C1-A2B0-DBE4FBC262D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-l42ic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F72F9B44-B835-4A93-A2D0-1B1FF8FEA81F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-l42ie_firmware:8.2.0.155\\(c675r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1446494D-014E-4F07-AE60-F89C7EA56C0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-l42ie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C91EE9E-C333-4D02-9184-29631948D0FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-l42if_firmware:8.2.0.155\\(c675r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "28656199-3BC2-4847-9468-D323DB37199E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-l42if:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFE0746-31FB-4151-8D70-AAE0611CCDFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-tl00d_firmware:8.2.0.100\\(c541custc541d1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "07548F3F-D36D-457B-9899-92BCBEF91B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:johnson-tl00d_firmware:8.2.0.165\\(c01r1p16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B4713A6-FF22-40C7-896E-C0D626AF6D2A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-tl00d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "566629E0-84F2-4DFA-A20E-2D20C472E4B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-tl00f_firmware:8.2.0.100\\(c541custc541d1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3563E6B0-881E-4854-99F5-196C7A7AA595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-tl00f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0075F84C-492C-408D-941B-274A0A0C3B82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:laya-al00ep_firmware:9.0.0.201\\(c786e200r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68BB4A88-06F2-46E5-B03A-A4450CA7CE40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A54AE-DC30-429B-8FB8-BE6EB933E685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:neo-al00d_firmware:8.1.0.175\\(c786\\):*:*:*:*:*:*:*",
"matchCriteriaId": "581A0F86-A651-48E7-930A-3BD773C1AF0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:neo-al00d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B07FEC-514D-4A51-B26B-02254A867DC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:potter-al00c_firmware:9.1.0.208\\(c00e205r3p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "17A2F928-6CF8-408B-B3F4-CED7441B8307",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:potter-al00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34141B01-DA8B-4029-B275-395AC11C40C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:potter-al10a_firmware:9.1.0.208\\(c00e205r3p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AEAE9002-378D-4466-AB62-A190C34AD61F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:potter-al10a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF01A3C-2E60-45B8-8D4E-58B5710FC40C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-al10b_firmware:9.1.0.211\\(c00e203r2p2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE3A7EB6-8CC6-40CB-93B0-129E7E7A2483",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F930E0-D32C-4D37-8A1D-78D4BFAECF37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-al10d_firmware:9.1.0.212\\(c00e204r2p2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5EC9D33-A11F-4F8F-BE37-9B8C4263EF95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11E6B825-CA55-4BEC-8279-3F33F7CC93EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-al10i_firmware:9.0.1.150\\(c675e9r1p4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10A41D90-90FC-41C2-A5A3-B1A5CF7FB54D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-al10i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E9766B-FFB3-47F0-9C55-57F1C268109C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-tl10c_firmware:9.1.0.211\\(c01e203r2p2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF0B7171-505A-4A24-8861-2533F9F10011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-tl10c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35F6A54F-E004-4BE7-A6A6-3E7C300DC498",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tony-al00b_firmware:9.1.0.206\\(c00e200r2p3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4961A11C-A7A7-4AA1-BC36-F0D9FECC37B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E14B978-2A3C-4F55-8E3A-BA41AB137C33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tony-tl00b_firmware:9.1.0.206\\(c01e200r2p3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AD232463-90AA-42BF-A569-F5BE483F27E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF11E947-FCDE-4EFD-A14D-5C2BD7BC5A56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:vogue-al00a_firmware:9.1.0.162\\(c00e160r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7B24E79-5313-4151-B2F3-11A411AF25C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:vogue-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "973B0865-F7A6-4851-BEBE-6026E54CC04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:vogue-al00a-preload_firmware:9.1.0.12\\(c00r1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "62F817EB-12AA-472D-8607-299352831E71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:vogue-al00a-preload:-:*:*:*:*:*:*:*",
"matchCriteriaId": "373003A1-4308-45DD-8A8D-607CEE7BBBFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:vogue-al10c_firmware:9.1.0.162\\(c00e160r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EADD0609-5B61-4605-B015-B0BF67E1D037",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:vogue-al10c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD081515-6391-40B5-BAE5-162DFE3E2C30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:vogue-al10c-preload_firmware:9.1.0.12\\(c00r1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC4DDD74-425B-4BA0-A64E-3E2300518EBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:vogue-al10c-preload:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71FCE443-E810-4011-AE70-117F37A18CFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:vogue-tl00b_firmware:9.1.0.162\\(c01e160r2p1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "865A13F6-B4F0-432D-8328-05E9D10A0FF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:vogue-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "264C6E15-84C8-40D3-895D-15736062439F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal."
},
{
"lang": "es",
"value": "Algunos tel\u00e9fonos inteligentes Huawei tienen una vulnerabilidad de desreferencia del puntero null. Un atacante crea paquetes espec\u00edficos y los env\u00eda al producto afectado para explotar esta vulnerabilidad. La explotaci\u00f3n con \u00e9xito puede causar que el tel\u00e9fono afectado sea anormal."
}
],
"id": "CVE-2019-5235",
"lastModified": "2024-11-21T04:44:34.617",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-14T00:15:10.977",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-01-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-23 14:29
Modified
2024-11-21 04:12
Severity ?
Summary
Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Gaode Map and can perform some operations to update the Google account. As a result, the FRP function is bypassed.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.106\\(c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C52A7CD3-98AF-4E85-BFE3-971AA359DD8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.113\\(sp2c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "02F67A4B-843A-403B-992A-21F900A42291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.113\\(sp3c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7D90101E-0AA9-401F-9435-8605865D8748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.113\\(sp7c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20F4536B-FAD3-4AF6-ADE4-AA458C6A82B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.118\\(c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1F7D3A95-FFF4-4412-A709-BC1EA0EE9389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.120\\(sp2c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08348C88-FF3D-4B88-9B6F-A17D00965268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.125\\(sp1c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F7A3D24-8394-4555-AC4C-876C92A39010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.125\\(sp3c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A880D55-009A-40D2-AE2F-4A32F6288346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.126\\(sp2c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0984004A-45AE-4E0A-93AC-E17168189A41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.126\\(sp5c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE1965F0-40F9-40CB-9A39-672278259C6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.127\\(sp1c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9DA493CF-9670-4D6B-B5E8-20E44642FEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.128\\(sp2c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C41D62FD-71CC-4583-A3CA-2509422EC6BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA2B2F1-3D58-4DC7-AB7A-28BF8B282333",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-al00b-rsc_firmware:1.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B6C500-CE64-48A3-95FC-A0F71C3AACFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-al00b-rsc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7B7807E-41B3-4F39-938C-BF482E4FDC96",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.113\\(sp7c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8EDA0CB0-04AD-46C2-8CD1-1BDAF2722DD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.118\\(c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C007A17-7F9F-4EC2-8DD7-01217B7B0C28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.120\\(sp2c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81BEF6F9-0FAD-4649-9AD8-056617A0A2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.125\\(sp1c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98013FF1-FE4D-4BE0-A715-6A22CB1AADD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.125\\(sp2c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98B49194-20F5-4B0F-A1D0-394AFE4605A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.125\\(sp3c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "896D0A6F-C26D-4B6C-85FC-E50104BF2797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.126\\(sp2c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E002850B-AE9E-46A9-AEFF-FC1D2ACEDCC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.126\\(sp5c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "36AAB41E-781E-49A3-A596-619677D394FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.127\\(sp1c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DDC92852-7AC5-4F6F-9BAD-51ABFE87B02F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.128\\(sp2c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF5D8C88-4ACC-4663-904C-139D5F99C4C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.129\\(sp2c01\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE5185C7-F99C-471C-9718-CC08FFEA49A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAF02E9-8732-4E8E-8AA6-A422C200F9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.105\\(sp7c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E73291B7-8420-4AB4-945E-B8332F888A62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.106\\(sp3c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6672D5B9-6A8D-444E-BC41-1F6FA6ADAB7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.107\\(sp5c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "188EBACC-FE71-4165-9DA5-D3C2A813E346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.107\\(sp7c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA6DE6B7-A8A4-4976-8A1F-08307B5C6B80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.108\\(sp3c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "44AC9C14-A4A2-4C13-8AD0-48D62257A2FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.108\\(sp6c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8D7827E-EF4C-4B2B-9555-2F635FE9331A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.109\\(sp2c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "146DB107-58BC-46A1-9E3D-7A2C969FEE33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9EFA36-508E-42A6-83A5-D94273265400",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.105\\(sp6c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C5C604B-34FA-4519-92DE-BCCEC2271E1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.106\\(sp2c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2385EEAB-9B82-4461-AE30-4B5E639A3A9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.107\\(sp5c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11B6FE85-304B-4992-AA0C-0AD91AF057F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.107\\(sp7c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7BCF76DE-308E-404D-85EF-08A109E22B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.108\\(sp2c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BFF85F1B-9347-4923-98FE-F0E1A43BC17A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.108\\(sp6c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C636ADB6-FF53-46AF-BBD6-900EA2E2EFFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.109\\(sp5c00\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A364F9D-1052-4CFC-8D68-6EFA8336D04D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC84A74-7F01-4434-896C-B9B595984F23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Gaode Map and can perform some operations to update the Google account. As a result, the FRP function is bypassed."
},
{
"lang": "es",
"value": "Algnos smartphones Huawei ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00) y 8.1.0.109(SP5C00) tienen una vulnerabilidad de omisi\u00f3n de seguridad de FRP (Factory Reset Protection). Al reconfigurar el tel\u00e9fono m\u00f3vil mediante la funci\u00f3n FRP, un atacante puede iniciar sesi\u00f3n en el flujo de configuraci\u00f3n por Gaode Map y puede realizar algunas operaciones para actualizar la cuenta de Google. Como resultado, se omite la funci\u00f3n FRP."
}
],
"id": "CVE-2018-7911",
"lastModified": "2024-11-21T04:12:57.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-23T14:29:04.437",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180822-01-frpbypass-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180822-01-frpbypass-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}