Vulnerabilites related to huawei - p30_pro
cve-2019-5228
Vulnerability from cvelistv5
Published
2019-11-12 22:42
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution.
References
▼ | URL | Tags |
---|---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | P30, P30 Pro, Honor V20 |
Version: Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:47:56.897Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "P30, P30 Pro, Honor V20", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3)", }, ], }, ], descriptions: [ { lang: "en", value: "Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Race Condition", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-12T22:42:29", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5228", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "P30, P30 Pro, Honor V20", version: { version_data: [ { version_value: "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Race Condition", }, ], }, ], }, references: { reference_data: [ { name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en", refsource: "MISC", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5228", datePublished: "2019-11-12T22:42:29", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:47:56.897Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9260
Vulnerability from cvelistv5
Published
2020-07-10 13:08
Modified
2024-08-04 10:26
Severity ?
EPSS score ?
Summary
HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI P30;HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.123(C432E22R2P5) Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:26:15.803Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30;HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.123(C432E22R2P5)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-10T13:08:18", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9260", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30;HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.123(C432E22R2P5)", }, { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9260", datePublished: "2020-07-10T13:08:18", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:26:15.803Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9244
Vulnerability from cvelistv5
Published
2020-08-11 18:46
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI Mate 20;HUAWEI Mate 20 Pro;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;HUAWEI Mate 20 RS;HonorMagic2;Honor20;Honor20 PRO;HonorMagic2;HonorV20 |
Version: Versions earlier than 10.1.0.160(C00E160R3P8) Version: Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4) Version: Versions earlier than 10.1.0.160(C00E160R2P8) Version: Versions earlier than 10.1.0.160(C00E160R2P11) Version: Versions earlier than 10.1.0.160(C786E160R3P8) Version: Versions earlier than 10.0.0.187(C00E61R2P11) Version: Versions earlier than 10.0.0.175(C00E58R4P11) Version: Versions earlier than 10.0.0.194(C00E62R8P12) Version: Versions earlier than 10.0.0.188(C00E62R2P11) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:20.196Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI Mate 20;HUAWEI Mate 20 Pro;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;HUAWEI Mate 20 RS;HonorMagic2;Honor20;Honor20 PRO;HonorMagic2;HonorV20", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R3P8)", }, { status: "affected", version: "Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P11)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C786E160R3P8)", }, { status: "affected", version: "Versions earlier than 10.0.0.187(C00E61R2P11)", }, { status: "affected", version: "Versions earlier than 10.0.0.175(C00E58R4P11)", }, { status: "affected", version: "Versions earlier than 10.0.0.194(C00E62R8P12)", }, { status: "affected", version: "Versions earlier than 10.0.0.188(C00E62R2P11)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged", }, ], problemTypes: [ { descriptions: [ { description: "Improper Authentication", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-11T18:46:13", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9244", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI Mate 20;HUAWEI Mate 20 Pro;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;HUAWEI Mate 20 RS;HonorMagic2;Honor20;Honor20 PRO;HonorMagic2;HonorV20", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R3P8)", }, { version_value: "Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4)", }, { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, { version_value: "Versions earlier than 10.1.0.160(C00E160R2P11)", }, { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, { version_value: "Versions earlier than 10.1.0.160(C786E160R3P8)", }, { version_value: "Versions earlier than 10.0.0.187(C00E61R2P11)", }, { version_value: "Versions earlier than 10.0.0.175(C00E58R4P11)", }, { version_value: "Versions earlier than 10.0.0.194(C00E62R8P12)", }, { version_value: "Versions earlier than 10.0.0.187(C00E61R2P11)", }, { version_value: "Versions earlier than 10.0.0.188(C00E62R2P11)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Improper Authentication", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9244", datePublished: "2020-08-11T18:46:13", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:20.196Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-1836
Vulnerability from cvelistv5
Published
2020-07-06 18:25
Modified
2024-08-04 06:46
Severity ?
EPSS score ?
Summary
HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI P30;HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P11) Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:46:30.896Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30;HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P11)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-06T18:25:19", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-1836", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30;HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R2P11)", }, { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-1836", datePublished: "2020-07-06T18:25:19", dateReserved: "2019-11-29T00:00:00", dateUpdated: "2024-08-04T06:46:30.896Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5303
Vulnerability from cvelistv5
Published
2020-04-27 20:01
Modified
2024-08-04 19:54
Severity ?
EPSS score ?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Huawei | ALP-AL00B |
Version: Versions earlier than 9.1.0.333(C00E333R2P1T8) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:54:53.218Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ALP-AL00B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R2P1T8)", }, ], }, { product: "ALP-L09", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.300(C432E4R1P9T8)", }, ], }, { product: "ALP-L29", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.315(C636E5R1P13T8)", }, ], }, { product: "BLA-L29C", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.321(C636E4R1P14T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.330(C432E6R1P12T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.302(C635E4R1P13T8)", }, ], }, { product: "Berkeley-AL20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R2P1T8)", }, ], }, { product: "Berkeley-L09", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.350(C10E3R1P14T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.351(C432E5R1P13T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.350(C636E4R1P13T8)", }, ], }, { product: "Charlotte-L09C", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.311(C185E4R1P11T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.345(C432E8R1P11T8)", }, ], }, { product: "Charlotte-L29C", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.325(C185E4R1P11T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.335(C636E3R1P13T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.345(C432E8R1P11T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.336(C605E3R1P12T8)", }, ], }, { product: "Columbia-AL10B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, { product: "Columbia-L29D", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.350(C461E3R1P11T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.350(C185E3R1P12T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.350(C10E5R1P14T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.351(C432E5R1P13T8)", }, ], }, { product: "Cornell-AL00A", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, { product: "Cornell-L29A", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.328(C185E1R1P9T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.328(C432E1R1P9T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.330(C461E1R1P9T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.328(C636E2R1P12T8)", }, ], }, { product: "Emily-L09C", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.336(C605E4R1P12T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.311(C185E2R1P12T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.345(C432E10R1P12T8)", }, ], }, { product: "Emily-L29C", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.311(C605E2R1P12T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.311(C636E7R1P13T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.311(C432E7R1P11T8)", }, ], }, { product: "Ever-L29B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.311(C185E3R3P1)", }, ], }, { product: "HUAWEI Mate 20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.131(C00E131R3P1)", }, ], }, { product: "HUAWEI Mate 20 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.310(C185E10R2P1)", }, ], }, { product: "HUAWEI Mate 20 RS", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.135(C786E133R3P1)", }, ], }, { product: "HUAWEI Mate 20 X", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.135(C00E133R2P1)", }, ], }, { product: "HUAWEI P20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, { product: "HUAWEI P20 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, { product: "HUAWEI P30", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.193", }, ], }, { product: "HUAWEI P30 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.186(C00E180R2P1)", }, ], }, { product: "HUAWEI Y9 2019", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.220(C605E3R1P1T8)", }, ], }, { product: "HUAWEI nova lite 3", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.305(C635E8R2P2)", }, ], }, { product: "Honor 10 Lite", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.283(C605E8R2P2)", }, ], }, { product: "Honor 8X", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.221(C461E2R1P1T8)", }, ], }, { product: "Honor View 20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.238(C432E1R3P1)", }, ], }, { product: "Jackman-L22", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.247(C636E2R4P1T8)", }, ], }, { product: "Paris-L21B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.331(C432E1R1P2T8)", }, ], }, { product: "Paris-L21MEB", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.331(C185E4R1P3T8)", }, ], }, { product: "Paris-L29B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.331(C636E1R1P3T8)", }, ], }, { product: "Sydney-AL00", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.212(C00E62R1P7T8)", }, ], }, { product: "Sydney-L21", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.215(C432E1R1P1T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.213(C185E1R1P1T8)", }, ], }, { product: "Sydney-L21BR", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.213(C185E1R1P2T8)", }, ], }, { product: "Sydney-L22", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.258(C636E1R1P1T8)", }, ], }, { product: "Sydney-L22BR", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.258(C636E1R1P1T8)", }, ], }, { product: "SydneyM-AL00", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.228(C00E78R1P7T8)", }, ], }, { product: "SydneyM-L01", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.215(C782E2R1P1T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.213(C185E1R1P1T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.270(C432E3R1P1T8)", }, ], }, { product: "SydneyM-L03", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.217(C605E1R1P1T8)", }, ], }, { product: "SydneyM-L21", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.221(C461E1R1P1T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.215(C432E4R1P1T8)", }, ], }, { product: "SydneyM-L22", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.259(C185E1R1P2T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.220(C635E1R1P2T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.216(C569E1R1P1T8)", }, ], }, { product: "SydneyM-L23", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.226(C605E2R1P1T8)", }, ], }, { product: "Yale-L21A", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.154(C432E2R3P2)", }, { status: "affected", version: "Versions earlier than 9.1.0.154(C461E2R2P1)", }, { status: "affected", version: "Versions earlier than 9.1.0.154(C636E2R2P1)", }, ], }, { product: "Honor 20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.152(C00E150R5P1)", }, ], }, { product: "Honor Magic2", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.0.0.187", }, ], }, { product: "Honor V20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.234(C00E234R4P3)", }, ], }, ], descriptions: [ { lang: "en", value: "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-27T20:01:02", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5303", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ALP-AL00B", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R2P1T8)", }, ], }, }, { product_name: "ALP-L09", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.300(C432E4R1P9T8)", }, ], }, }, { product_name: "ALP-L29", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.315(C636E5R1P13T8)", }, ], }, }, { product_name: "BLA-L29C", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.321(C636E4R1P14T8)", }, { version_value: "Versions earlier than 9.1.0.330(C432E6R1P12T8)", }, { version_value: "Versions earlier than 9.1.0.302(C635E4R1P13T8)", }, ], }, }, { product_name: "Berkeley-AL20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R2P1T8)", }, ], }, }, { product_name: "Berkeley-L09", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.350(C10E3R1P14T8)", }, { version_value: "Versions earlier than 9.1.0.351(C432E5R1P13T8)", }, { version_value: "Versions earlier than 9.1.0.350(C636E4R1P13T8)", }, ], }, }, { product_name: "Charlotte-L09C", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.311(C185E4R1P11T8)", }, { version_value: "Versions earlier than 9.1.0.345(C432E8R1P11T8)", }, ], }, }, ], }, vendor_name: "Huawei", }, { product: { product_data: [ { product_name: "Charlotte-L29C", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.325(C185E4R1P11T8)", }, { version_value: "Versions earlier than 9.1.0.335(C636E3R1P13T8)", }, { version_value: "Versions earlier than 9.1.0.345(C432E8R1P11T8)", }, { version_value: "Versions earlier than 9.1.0.336(C605E3R1P12T8)", }, ], }, }, { product_name: "Columbia-AL10B", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, }, { product_name: "Columbia-L29D", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.350(C461E3R1P11T8)", }, { version_value: "Versions earlier than 9.1.0.350(C185E3R1P12T8)", }, { version_value: "Versions earlier than 9.1.0.350(C10E5R1P14T8)", }, { version_value: "Versions earlier than 9.1.0.351(C432E5R1P13T8)", }, ], }, }, { product_name: "Cornell-AL00A", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, }, { product_name: "Cornell-L29A", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.328(C185E1R1P9T8)", }, { version_value: "Versions earlier than 9.1.0.328(C432E1R1P9T8)", }, { version_value: "Versions earlier than 9.1.0.330(C461E1R1P9T8)", }, { version_value: "Versions earlier than 9.1.0.328(C636E2R1P12T8)", }, ], }, }, { product_name: "Emily-L09C", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.336(C605E4R1P12T8)", }, { version_value: "Versions earlier than 9.1.0.311(C185E2R1P12T8)", }, { version_value: "Versions earlier than 9.1.0.345(C432E10R1P12T8)", }, ], }, }, { product_name: "Emily-L29C", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.311(C605E2R1P12T8)", }, { version_value: "Versions earlier than 9.1.0.311(C636E7R1P13T8)", }, { version_value: "Versions earlier than 9.1.0.311(C432E7R1P11T8)", }, ], }, }, { product_name: "Ever-L29B", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.311(C185E3R3P1)", }, ], }, }, ], }, vendor_name: "Huawei", }, { product: { product_data: [ { product_name: "HUAWEI Mate 20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.131(C00E131R3P1)", }, ], }, }, { product_name: "HUAWEI Mate 20 Pro", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.310(C185E10R2P1)", }, ], }, }, { product_name: "HUAWEI Mate 20 RS", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.135(C786E133R3P1)", }, ], }, }, { product_name: "HUAWEI Mate 20 X", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.135(C00E133R2P1)", }, ], }, }, { product_name: "HUAWEI P20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, }, { product_name: "HUAWEI P20 Pro", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, }, { product_name: "HUAWEI P30", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.193", }, ], }, }, { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.186(C00E180R2P1)", }, ], }, }, { product_name: "HUAWEI Y9 2019", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.220(C605E3R1P1T8)", }, ], }, }, { product_name: "HUAWEI nova lite 3", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.305(C635E8R2P2)", }, ], }, }, { product_name: "Honor 10 Lite", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.283(C605E8R2P2)", }, ], }, }, { product_name: "Honor 8X", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.221(C461E2R1P1T8)", }, ], }, }, { product_name: "Honor View 20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.238(C432E1R3P1)", }, ], }, }, { product_name: "Jackman-L22", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.247(C636E2R4P1T8)", }, ], }, }, { product_name: "Paris-L21B", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.331(C432E1R1P2T8)", }, ], }, }, { product_name: "Paris-L21MEB", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.331(C185E4R1P3T8)", }, ], }, }, { product_name: "Paris-L29B", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.331(C636E1R1P3T8)", }, ], }, }, { product_name: "Sydney-AL00", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.212(C00E62R1P7T8)", }, ], }, }, ], }, vendor_name: "Huawei", }, { product: { product_data: [ { product_name: "Sydney-L21", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.215(C432E1R1P1T8)", }, { version_value: "Versions earlier than 9.1.0.213(C185E1R1P1T8)", }, ], }, }, { product_name: "Sydney-L21BR", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.213(C185E1R1P2T8)", }, ], }, }, { product_name: "Sydney-L22", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.258(C636E1R1P1T8)", }, ], }, }, { product_name: "Sydney-L22BR", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.258(C636E1R1P1T8)", }, ], }, }, { product_name: "SydneyM-AL00", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.228(C00E78R1P7T8)", }, ], }, }, { product_name: "SydneyM-L01", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.215(C782E2R1P1T8)", }, { version_value: "Versions earlier than 9.1.0.213(C185E1R1P1T8)", }, { version_value: "Versions earlier than 9.1.0.270(C432E3R1P1T8)", }, ], }, }, { product_name: "SydneyM-L03", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.217(C605E1R1P1T8)", }, ], }, }, { product_name: "SydneyM-L21", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.221(C461E1R1P1T8)", }, { version_value: "Versions earlier than 9.1.0.215(C432E4R1P1T8)", }, ], }, }, { product_name: "SydneyM-L22", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.259(C185E1R1P2T8)", }, { version_value: "Versions earlier than 9.1.0.220(C635E1R1P2T8)", }, { version_value: "Versions earlier than 9.1.0.216(C569E1R1P1T8)", }, ], }, }, { product_name: "SydneyM-L23", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.226(C605E2R1P1T8)", }, ], }, }, { product_name: "Yale-L21A", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.154(C432E2R3P2)", }, { version_value: "Versions earlier than 9.1.0.154(C461E2R2P1)", }, { version_value: "Versions earlier than 9.1.0.154(C636E2R2P1)", }, ], }, }, { product_name: "Honor 20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.152(C00E150R5P1)", }, ], }, }, { product_name: "Honor Magic2", version: { version_data: [ { version_value: "Versions earlier than 10.0.0.187", }, ], }, }, { product_name: "Honor V20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.234(C00E234R4P3)", }, ], }, }, ], }, vendor_name: "Huawei", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", refsource: "CONFIRM", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5303", datePublished: "2020-04-27T20:01:02", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:54:53.218Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5307
Vulnerability from cvelistv5
Published
2019-06-04 18:55
Modified
2024-08-04 19:54
Severity ?
EPSS score ?
Summary
Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107)
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Huawei | P30,P30 Pro |
Version: The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) Version: The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:54:53.216Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "P30,P30 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)", }, { status: "affected", version: "The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)", }, ], }, ], datePublic: "2019-05-29T00:00:00", descriptions: [ { lang: "en", value: "Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107)", }, ], problemTypes: [ { descriptions: [ { description: "message replay", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-04T18:55:48", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5307", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "P30,P30 Pro", version: { version_data: [ { version_value: "The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)", }, { version_value: "The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)", }, ], }, }, ], }, vendor_name: "Huawei", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "message replay", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en", refsource: "CONFIRM", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5307", datePublished: "2019-06-04T18:55:48", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:54:53.216Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-0022
Vulnerability from cvelistv5
Published
2020-02-13 14:21
Modified
2024-08-04 05:47
Severity ?
EPSS score ?
Summary
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715
References
▼ | URL | Tags |
---|---|---|
https://source.android.com/security/bulletin/2020-02-01 | x_refsource_MISC | |
http://seclists.org/fulldisclosure/2020/Feb/10 | mailing-list, x_refsource_FULLDISC | |
http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html | x_refsource_MISC | |
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "android", vendor: "google", versions: [ { status: "affected", version: "8.0", }, ], }, { cpes: [ "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "android", vendor: "google", versions: [ { status: "affected", version: "9.0", }, ], }, { cpes: [ "cpe:2.3:o:google:android:10.0:-:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "android", vendor: "google", versions: [ { status: "affected", version: "10.0", }, ], }, { cpes: [ "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "android", vendor: "google", versions: [ { status: "affected", version: "8.1", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2020-0022", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-28T13:54:56.691635Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-682", description: "CWE-682 Incorrect Calculation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-28T14:00:17.318Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-04T05:47:40.847Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://source.android.com/security/bulletin/2020-02-01", }, { name: "20200214 Re: [FD] Critical Bluetooth Vulnerability in Android (CVE-2020-0022) - BlueFrag", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2020/Feb/10", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Android", vendor: "n/a", versions: [ { status: "affected", version: "Android-8.0 Android-8.1 Android-9 Android-10", }, ], }, ], descriptions: [ { lang: "en", value: "In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715", }, ], problemTypes: [ { descriptions: [ { description: "Denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-13T13:06:27", orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", shortName: "google_android", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://source.android.com/security/bulletin/2020-02-01", }, { name: "20200214 Re: [FD] Critical Bluetooth Vulnerability in Android (CVE-2020-0022) - BlueFrag", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2020/Feb/10", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@android.com", ID: "CVE-2020-0022", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Android", version: { version_data: [ { version_value: "Android-8.0 Android-8.1 Android-9 Android-10", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://source.android.com/security/bulletin/2020-02-01", refsource: "MISC", url: "https://source.android.com/security/bulletin/2020-02-01", }, { name: "20200214 Re: [FD] Critical Bluetooth Vulnerability in Android (CVE-2020-0022) - BlueFrag", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2020/Feb/10", }, { name: "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html", }, { name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en", refsource: "CONFIRM", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", assignerShortName: "google_android", cveId: "CVE-2020-0022", datePublished: "2020-02-13T14:21:41", dateReserved: "2019-10-17T00:00:00", dateUpdated: "2024-08-04T05:47:40.847Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9076
Vulnerability from cvelistv5
Published
2020-06-15 15:07
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B |
Version: Versions earlier than 10.1.0.135(C00E135R2P11) Version: Versions earlier than 10.1.0.135(C00E135R2P8),Versions earlier than 10.1.0.135(C01E135R2P8) Version: Versions earlier than 10.1.0.137(C00E137R2P11) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:19.771Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.135(C00E135R2P11)", }, { status: "affected", version: "Versions earlier than 10.1.0.135(C00E135R2P8),Versions earlier than 10.1.0.135(C01E135R2P8)", }, { status: "affected", version: "Versions earlier than 10.1.0.137(C00E137R2P11)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL.", }, ], problemTypes: [ { descriptions: [ { description: "Improper Authentication", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-15T15:07:13", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9076", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.135(C00E135R2P11)", }, { version_value: "Versions earlier than 10.1.0.135(C00E135R2P8),Versions earlier than 10.1.0.135(C01E135R2P8)", }, { version_value: "Versions earlier than 10.1.0.137(C00E137R2P11)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Improper Authentication", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9076", datePublished: "2020-06-15T15:07:13", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:19.771Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9109
Vulnerability from cvelistv5
Published
2020-10-12 13:39
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11).
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI Mate 20;HUAWEI Mate 20 X;HUAWEI P30 Pro;Laya-AL00EP;Tony-AL00B;Tony-TL00B |
Version: Versions earlier than 10.1.0.160(C00E160R3P8),Versions earlier than 10.1.0.160(C01E160R2P8) Version: Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8) Version: Versions earlier than 10.1.0.160(C00E160R2P8) Version: Versions earlier than 10.1.0.160(C786E160R3P8) Version: Versions earlier than 10.1.0.160(C00E160R2P11) Version: Versions earlier than 10.1.0.160(C01E160R2P11) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:19.969Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI Mate 20;HUAWEI Mate 20 X;HUAWEI P30 Pro;Laya-AL00EP;Tony-AL00B;Tony-TL00B", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R3P8),Versions earlier than 10.1.0.160(C01E160R2P8)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C786E160R3P8)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P11)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C01E160R2P11)", }, ], }, ], descriptions: [ { lang: "en", value: "There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11).", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-12T13:39:33", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9109", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI Mate 20;HUAWEI Mate 20 X;HUAWEI P30 Pro;Laya-AL00EP;Tony-AL00B;Tony-TL00B", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R3P8),Versions earlier than 10.1.0.160(C01E160R2P8)", }, { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8)", }, { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, { version_value: "Versions earlier than 10.1.0.160(C786E160R3P8)", }, { version_value: "Versions earlier than 10.1.0.160(C00E160R2P11)", }, { version_value: "Versions earlier than 10.1.0.160(C01E160R2P11)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9109", datePublished: "2020-10-12T13:39:33", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:19.969Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9096
Vulnerability from cvelistv5
Published
2020-08-21 13:20
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:19.593Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service.", }, ], problemTypes: [ { descriptions: [ { description: "Out Of Bound Read", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-21T13:20:40", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9096", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Out Of Bound Read", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9096", datePublished: "2020-08-21T13:20:40", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:19.593Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5225
Vulnerability from cvelistv5
Published
2019-11-29 19:01
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | P30, Mate 20, P30 Pro |
Version: Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:47:56.746Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "P30, Mate 20, P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12)", }, ], }, ], descriptions: [ { lang: "en", value: "P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution.", }, ], problemTypes: [ { descriptions: [ { description: "buffer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-29T19:01:17", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5225", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "P30, Mate 20, P30 Pro", version: { version_data: [ { version_value: "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "buffer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en", refsource: "CONFIRM", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5225", datePublished: "2019-11-29T19:01:17", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:47:56.746Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-9506
Vulnerability from cvelistv5
Published
2019-08-14 16:27
Modified
2024-09-16 19:14
Severity ?
EPSS score ?
Summary
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T21:54:44.303Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "VU#918987", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/918987/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/", }, { name: "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Aug/14", }, { name: "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Aug/11", }, { name: "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Aug/13", }, { name: "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Aug/15", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en", }, { name: "USN-4115-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4115-1/", }, { name: "USN-4118-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4118-1/", }, { name: "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html", }, { name: "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html", }, { name: "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html", }, { name: "USN-4147-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4147-1/", }, { name: "RHSA-2019:2975", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2975", }, { name: "openSUSE-SU-2019:2307", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html", }, { name: "openSUSE-SU-2019:2308", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html", }, { name: "RHSA-2019:3076", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3076", }, { name: "RHSA-2019:3055", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3055", }, { name: "RHSA-2019:3089", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3089", }, { name: "RHSA-2019:3187", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3187", }, { name: "RHSA-2019:3165", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3165", }, { name: "RHSA-2019:3217", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3217", }, { name: "RHSA-2019:3220", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3220", }, { name: "RHSA-2019:3231", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3231", }, { name: "RHSA-2019:3218", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3218", }, { name: "RHSA-2019:3309", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { name: "RHSA-2020:0204", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0204", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "N/A", ], product: "BR/EDR", vendor: "Bluetooth", versions: [ { lessThanOrEqual: "5.1", status: "affected", version: "5.1", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Daniele Antonioli‚ Nils Ole Tippenhauer, Kasper Rasmussen", }, ], datePublic: "2019-08-14T00:00:00", descriptions: [ { lang: "en", value: "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-310", description: "CWE-310 Cryptographic Issues", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-30T10:06:23", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "VU#918987", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://www.kb.cert.org/vuls/id/918987/", }, { tags: [ "x_refsource_MISC", ], url: "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/", }, { name: "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Aug/14", }, { name: "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Aug/11", }, { name: "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Aug/13", }, { name: "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Aug/15", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en", }, { name: "USN-4115-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4115-1/", }, { name: "USN-4118-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4118-1/", }, { name: "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html", }, { name: "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html", }, { name: "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html", }, { name: "USN-4147-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4147-1/", }, { name: "RHSA-2019:2975", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2975", }, { name: "openSUSE-SU-2019:2307", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html", }, { name: "openSUSE-SU-2019:2308", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html", }, { name: "RHSA-2019:3076", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3076", }, { name: "RHSA-2019:3055", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3055", }, { name: "RHSA-2019:3089", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3089", }, { name: "RHSA-2019:3187", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3187", }, { name: "RHSA-2019:3165", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3165", }, { name: "RHSA-2019:3217", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3217", }, { name: "RHSA-2019:3220", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3220", }, { name: "RHSA-2019:3231", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3231", }, { name: "RHSA-2019:3218", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3218", }, { name: "RHSA-2019:3309", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { name: "RHSA-2020:0204", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0204", }, ], source: { advisory: "VU#918987", defect: [ "VU#918987", ], discovery: "EXTERNAL", }, title: "Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation", workarounds: [ { lang: "en", value: "Bluetooth SIG Expedited Errata Correction 11838", }, ], x_generator: { engine: "Vulnogram 0.0.7", }, x_legacyV4Record: { CVE_data_meta: { AKA: "KNOB", ASSIGNER: "cert@cert.org", DATE_PUBLIC: "2019-08-14", ID: "CVE-2019-9506", STATE: "PUBLIC", TITLE: "Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BR/EDR", version: { version_data: [ { platform: "N/A", version_affected: "<=", version_name: "5.1", version_value: "5.1", }, ], }, }, ], }, vendor_name: "Bluetooth", }, ], }, }, credit: [ { lang: "eng", value: "Daniele Antonioli‚ Nils Ole Tippenhauer, Kasper Rasmussen", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.", }, ], }, generator: { engine: "Vulnogram 0.0.7", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-310 Cryptographic Issues", }, ], }, ], }, references: { reference_data: [ { name: "VU#918987", refsource: "CERT-VN", url: "https://www.kb.cert.org/vuls/id/918987/", }, { name: "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html", refsource: "MISC", url: "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html", }, { name: "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli", refsource: "MISC", url: "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli", }, { name: "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/", refsource: "CONFIRM", url: "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/", }, { name: "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/Aug/14", }, { name: "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/Aug/11", }, { name: "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/Aug/13", }, { name: "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/Aug/15", }, { name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en", refsource: "CONFIRM", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en", }, { name: "USN-4115-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4115-1/", }, { name: "USN-4118-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4118-1/", }, { name: "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html", }, { name: "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html", }, { name: "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html", }, { name: "USN-4147-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4147-1/", }, { name: "RHSA-2019:2975", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2975", }, { name: "openSUSE-SU-2019:2307", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html", }, { name: "openSUSE-SU-2019:2308", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html", }, { name: "RHSA-2019:3076", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3076", }, { name: "RHSA-2019:3055", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3055", }, { name: "RHSA-2019:3089", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3089", }, { name: "RHSA-2019:3187", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3187", }, { name: "RHSA-2019:3165", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3165", }, { name: "RHSA-2019:3217", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3217", }, { name: "RHSA-2019:3220", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3220", }, { name: "RHSA-2019:3231", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3231", }, { name: "RHSA-2019:3218", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3218", }, { name: "RHSA-2019:3309", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { name: "RHSA-2020:0204", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0204", }, ], }, source: { advisory: "VU#918987", defect: [ "VU#918987", ], discovery: "EXTERNAL", }, work_around: [ { lang: "en", value: "Bluetooth SIG Expedited Errata Correction 11838", }, ], }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2019-9506", datePublished: "2019-08-14T16:27:45.059869Z", dateReserved: "2019-03-01T00:00:00", dateUpdated: "2024-09-16T19:14:13.573Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5302
Vulnerability from cvelistv5
Published
2020-04-27 19:50
Modified
2024-08-04 19:54
Severity ?
EPSS score ?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Huawei | Sydney-L21 |
Version: Versions earlier than 9.1.0.215(C432E1R1P1T8) Version: Versions earlier than 9.1.0.213(C185E1R1P1T8) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:54:52.990Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Sydney-L21", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.215(C432E1R1P1T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.213(C185E1R1P1T8)", }, ], }, { product: "Sydney-L21BR", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.213(C185E1R1P2T8)", }, ], }, { product: "Sydney-L22", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.258(C636E1R1P1T8)", }, ], }, { product: "Sydney-L22BR", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.258(C636E1R1P1T8)", }, ], }, { product: "SydneyM-AL00", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.228(C00E78R1P7T8)", }, ], }, { product: "SydneyM-L01", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.215(C782E2R1P1T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.213(C185E1R1P1T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.270(C432E3R1P1T8)", }, ], }, { product: "SydneyM-L03", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.217(C605E1R1P1T8)", }, ], }, { product: "SydneyM-L21", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.221(C461E1R1P1T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.215(C432E4R1P1T8)", }, ], }, { product: "SydneyM-L22", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.259(C185E1R1P2T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.220(C635E1R1P2T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.216(C569E1R1P1T8)", }, ], }, { product: "SydneyM-L23", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.226(C605E2R1P1T8)", }, ], }, { product: "Yale-L21A", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.154(C432E2R3P2)", }, { status: "affected", version: "Versions earlier than 9.1.0.154(C461E2R2P1)", }, { status: "affected", version: "Versions earlier than 9.1.0.154(C636E2R2P1)", }, ], }, { product: "Honor 20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.152(C00E150R5P1)", }, ], }, { product: "Honor Magic2", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.0.0.187", }, ], }, { product: "Honor V20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.234(C00E234R4P3)", }, ], }, { product: "HUAWEI Mate 20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.131(C00E131R3P1)", }, ], }, { product: "HUAWEI Mate 20 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.310(C185E10R2P1)", }, ], }, { product: "HUAWEI Mate 20 RS", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.135(C786E133R3P1)", }, ], }, { product: "HUAWEI Mate 20 X", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.135(C00E133R2P1)", }, ], }, { product: "HUAWEI P20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, { product: "HUAWEI P20 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, { product: "HUAWEI P30", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.193", }, ], }, { product: "HUAWEI P30 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.186(C00E180R2P1)", }, ], }, { product: "HUAWEI Y9 2019", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.220(C605E3R1P1T8)", }, ], }, { product: "HUAWEI nova lite 3", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.305(C635E8R2P2)", }, ], }, { product: "Honor 10 Lite", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.283(C605E8R2P2)", }, ], }, { product: "Honor 8X", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.221(C461E2R1P1T8)", }, ], }, { product: "Honor View 20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.238(C432E1R3P1)", }, ], }, { product: "Jackman-L22", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.247(C636E2R4P1T8)", }, ], }, { product: "Paris-L21B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.331(C432E1R1P2T8)", }, ], }, { product: "Paris-L21MEB", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.331(C185E4R1P3T8)", }, ], }, { product: "Paris-L29B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.331(C636E1R1P3T8)", }, ], }, { product: "Sydney-AL00", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.212(C00E62R1P7T8)", }, ], }, { product: "Charlotte-L29C", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.325(C185E4R1P11T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.335(C636E3R1P13T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.345(C432E8R1P11T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.336(C605E3R1P12T8)", }, ], }, { product: "Columbia-AL10B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, { product: "Columbia-L29D", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.350(C461E3R1P11T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.350(C185E3R1P12T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.350(C10E5R1P14T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.351(C432E5R1P13T8)", }, ], }, { product: "Cornell-AL00A", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, { product: "Cornell-L29A", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.328(C185E1R1P9T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.328(C432E1R1P9T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.330(C461E1R1P9T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.328(C636E2R1P12T8)", }, ], }, { product: "Emily-L09C", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.336(C605E4R1P12T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.311(C185E2R1P12T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.345(C432E10R1P12T8)", }, ], }, { product: "Emily-L29C", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.311(C605E2R1P12T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.311(C636E7R1P13T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.311(C432E7R1P11T8)", }, ], }, { product: "Ever-L29B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.311(C185E3R3P1)", }, ], }, { product: "ALP-AL00B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R2P1T8)", }, ], }, { product: "ALP-L09", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.300(C432E4R1P9T8)", }, ], }, { product: "ALP-L29", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.315(C636E5R1P13T8)", }, ], }, { product: "BLA-L29C", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.321(C636E4R1P14T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.330(C432E6R1P12T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.302(C635E4R1P13T8)", }, ], }, { product: "Berkeley-AL20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R2P1T8)", }, ], }, { product: "Berkeley-L09", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.350(C10E3R1P14T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.351(C432E5R1P13T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.350(C636E4R1P13T8)", }, ], }, { product: "Charlotte-L09C", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.311(C185E4R1P11T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.345(C432E8R1P11T8)", }, ], }, ], descriptions: [ { lang: "en", value: "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-27T19:50:50", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5302", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Sydney-L21", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.215(C432E1R1P1T8)", }, { version_value: "Versions earlier than 9.1.0.213(C185E1R1P1T8)", }, ], }, }, { product_name: "Sydney-L21BR", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.213(C185E1R1P2T8)", }, ], }, }, { product_name: "Sydney-L22", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.258(C636E1R1P1T8)", }, ], }, }, { product_name: "Sydney-L22BR", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.258(C636E1R1P1T8)", }, ], }, }, { product_name: "SydneyM-AL00", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.228(C00E78R1P7T8)", }, ], }, }, { product_name: "SydneyM-L01", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.215(C782E2R1P1T8)", }, { version_value: "Versions earlier than 9.1.0.213(C185E1R1P1T8)", }, { version_value: "Versions earlier than 9.1.0.270(C432E3R1P1T8)", }, ], }, }, { product_name: "SydneyM-L03", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.217(C605E1R1P1T8)", }, ], }, }, { product_name: "SydneyM-L21", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.221(C461E1R1P1T8)", }, { version_value: "Versions earlier than 9.1.0.215(C432E4R1P1T8)", }, ], }, }, { product_name: "SydneyM-L22", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.259(C185E1R1P2T8)", }, { version_value: "Versions earlier than 9.1.0.220(C635E1R1P2T8)", }, { version_value: "Versions earlier than 9.1.0.216(C569E1R1P1T8)", }, ], }, }, { product_name: "SydneyM-L23", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.226(C605E2R1P1T8)", }, ], }, }, { product_name: "Yale-L21A", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.154(C432E2R3P2)", }, { version_value: "Versions earlier than 9.1.0.154(C461E2R2P1)", }, { version_value: "Versions earlier than 9.1.0.154(C636E2R2P1)", }, ], }, }, { product_name: "Honor 20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.152(C00E150R5P1)", }, ], }, }, { product_name: "Honor Magic2", version: { version_data: [ { version_value: "Versions earlier than 10.0.0.187", }, ], }, }, { product_name: "Honor V20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.234(C00E234R4P3)", }, ], }, }, ], }, vendor_name: "Huawei", }, { product: { product_data: [ { product_name: "HUAWEI Mate 20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.131(C00E131R3P1)", }, ], }, }, { product_name: "HUAWEI Mate 20 Pro", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.310(C185E10R2P1)", }, ], }, }, { product_name: "HUAWEI Mate 20 RS", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.135(C786E133R3P1)", }, ], }, }, { product_name: "HUAWEI Mate 20 X", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.135(C00E133R2P1)", }, ], }, }, { product_name: "HUAWEI P20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, }, { product_name: "HUAWEI P20 Pro", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, }, { product_name: "HUAWEI P30", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.193", }, ], }, }, { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.186(C00E180R2P1)", }, ], }, }, { product_name: "HUAWEI Y9 2019", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.220(C605E3R1P1T8)", }, ], }, }, { product_name: "HUAWEI nova lite 3", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.305(C635E8R2P2)", }, ], }, }, { product_name: "Honor 10 Lite", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.283(C605E8R2P2)", }, ], }, }, { product_name: "Honor 8X", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.221(C461E2R1P1T8)", }, ], }, }, { product_name: "Honor View 20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.238(C432E1R3P1)", }, ], }, }, { product_name: "Jackman-L22", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.247(C636E2R4P1T8)", }, ], }, }, { product_name: "Paris-L21B", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.331(C432E1R1P2T8)", }, ], }, }, { product_name: "Paris-L21MEB", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.331(C185E4R1P3T8)", }, ], }, }, { product_name: "Paris-L29B", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.331(C636E1R1P3T8)", }, ], }, }, { product_name: "Sydney-AL00", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.212(C00E62R1P7T8)", }, ], }, }, ], }, vendor_name: "Huawei", }, { product: { product_data: [ { product_name: "Charlotte-L29C", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.325(C185E4R1P11T8)", }, { version_value: "Versions earlier than 9.1.0.335(C636E3R1P13T8)", }, { version_value: "Versions earlier than 9.1.0.345(C432E8R1P11T8)", }, { version_value: "Versions earlier than 9.1.0.336(C605E3R1P12T8)", }, ], }, }, { product_name: "Columbia-AL10B", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, }, { product_name: "Columbia-L29D", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.350(C461E3R1P11T8)", }, { version_value: "Versions earlier than 9.1.0.350(C185E3R1P12T8)", }, { version_value: "Versions earlier than 9.1.0.350(C10E5R1P14T8)", }, { version_value: "Versions earlier than 9.1.0.351(C432E5R1P13T8)", }, ], }, }, { product_name: "Cornell-AL00A", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R1P1T8)", }, ], }, }, { product_name: "Cornell-L29A", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.328(C185E1R1P9T8)", }, { version_value: "Versions earlier than 9.1.0.328(C432E1R1P9T8)", }, { version_value: "Versions earlier than 9.1.0.330(C461E1R1P9T8)", }, { version_value: "Versions earlier than 9.1.0.328(C636E2R1P12T8)", }, ], }, }, { product_name: "Emily-L09C", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.336(C605E4R1P12T8)", }, { version_value: "Versions earlier than 9.1.0.311(C185E2R1P12T8)", }, { version_value: "Versions earlier than 9.1.0.345(C432E10R1P12T8)", }, ], }, }, { product_name: "Emily-L29C", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.311(C605E2R1P12T8)", }, { version_value: "Versions earlier than 9.1.0.311(C636E7R1P13T8)", }, { version_value: "Versions earlier than 9.1.0.311(C432E7R1P11T8)", }, ], }, }, { product_name: "Ever-L29B", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.311(C185E3R3P1)", }, ], }, }, ], }, vendor_name: "Huawei", }, { product: { product_data: [ { product_name: "ALP-AL00B", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R2P1T8)", }, ], }, }, { product_name: "ALP-L09", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.300(C432E4R1P9T8)", }, ], }, }, { product_name: "ALP-L29", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.315(C636E5R1P13T8)", }, ], }, }, { product_name: "BLA-L29C", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.321(C636E4R1P14T8)", }, { version_value: "Versions earlier than 9.1.0.330(C432E6R1P12T8)", }, { version_value: "Versions earlier than 9.1.0.302(C635E4R1P13T8)", }, ], }, }, { product_name: "Berkeley-AL20", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R2P1T8)", }, ], }, }, { product_name: "Berkeley-L09", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.350(C10E3R1P14T8)", }, { version_value: "Versions earlier than 9.1.0.351(C432E5R1P13T8)", }, { version_value: "Versions earlier than 9.1.0.350(C636E4R1P13T8)", }, ], }, }, { product_name: "Charlotte-L09C", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.311(C185E4R1P11T8)", }, { version_value: "Versions earlier than 9.1.0.345(C432E8R1P11T8)", }, ], }, }, ], }, vendor_name: "Huawei", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", refsource: "CONFIRM", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5302", datePublished: "2020-04-27T19:50:50", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:54:52.990Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5251
Vulnerability from cvelistv5
Published
2019-12-13 14:30
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s |
Version: Versions earlier than 9.1.0.333(C00E333R2P1T8) Version: Versions earlier than 9.1.0.226(C00E220R2P1) Version: Versions earlier than 9.1.0.130(C00E115R2P8T8) Version: Versions earlier than 9.1.0.139(C00E133R3P1) Version: Versions earlier than 9.1.0.130(C00E112R2P10T8) Version: Versions earlier than 9.1.0.143(C636E5R1P5T8) Version: Versions earlier than 9.1.0.120(C00E113R1P6T8) Version: Versions earlier than 9.1.1.150(C00E150R1P150) Version: Versions earlier than 9.1.0.226(C00E210R2P1) Version: Versions earlier than 9.1.1.132(C00E131R6P1) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:47:56.813Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 9.1.0.333(C00E333R2P1T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.226(C00E220R2P1)", }, { status: "affected", version: "Versions earlier than 9.1.0.130(C00E115R2P8T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.139(C00E133R3P1)", }, { status: "affected", version: "Versions earlier than 9.1.0.130(C00E112R2P10T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.143(C636E5R1P5T8)", }, { status: "affected", version: "Versions earlier than 9.1.0.120(C00E113R1P6T8)", }, { status: "affected", version: "Versions earlier than 9.1.1.150(C00E150R1P150)", }, { status: "affected", version: "Versions earlier than 9.1.0.226(C00E210R2P1)", }, { status: "affected", version: "Versions earlier than 9.1.1.132(C00E131R6P1)", }, ], }, ], descriptions: [ { lang: "en", value: "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "Path Traversal", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-13T14:30:18", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5251", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s", version: { version_data: [ { version_value: "Versions earlier than 9.1.0.333(C00E333R2P1T8)", }, { version_value: "Versions earlier than 9.1.0.226(C00E220R2P1)", }, { version_value: "Versions earlier than 9.1.0.130(C00E115R2P8T8)", }, { version_value: "Versions earlier than 9.1.0.139(C00E133R3P1)", }, { version_value: "Versions earlier than 9.1.0.130(C00E112R2P10T8)", }, { version_value: "Versions earlier than 9.1.0.143(C636E5R1P5T8)", }, { version_value: "Versions earlier than 9.1.0.120(C00E113R1P6T8)", }, { version_value: "Versions earlier than 9.1.1.150(C00E150R1P150)", }, { version_value: "Versions earlier than 9.1.0.226(C00E210R2P1)", }, { version_value: "Versions earlier than 9.1.1.132(C00E131R6P1)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Path Traversal", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5251", datePublished: "2019-12-13T14:30:18", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:47:56.813Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-1834
Vulnerability from cvelistv5
Published
2020-06-18 13:57
Modified
2024-08-04 06:46
Severity ?
EPSS score ?
Summary
HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI P30;HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.135(C00E135R2P11) Version: Versions earlier than 10.1.0.135(C00E135R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:46:30.899Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30;HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.135(C00E135R2P11)", }, { status: "affected", version: "Versions earlier than 10.1.0.135(C00E135R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient Integrity Check", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T13:57:07", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-1834", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30;HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.135(C00E135R2P11)", }, { version_value: "Versions earlier than 10.1.0.135(C00E135R2P8)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient Integrity Check", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-1834", datePublished: "2020-06-18T13:57:07", dateReserved: "2019-11-29T00:00:00", dateUpdated: "2024-08-04T06:46:30.899Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9257
Vulnerability from cvelistv5
Published
2020-07-17 22:41
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Huawei | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.123(C432E19R2P5patch02) Version: Versions earlier than 10.1.0.126(C10E11R5P1) Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:20.088Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.123(C432E19R2P5patch02)", }, { status: "affected", version: "Versions earlier than 10.1.0.126(C10E11R5P1)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Buffer Overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-17T22:41:36", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9257", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.123(C432E19R2P5patch02)", }, { version_value: "Versions earlier than 10.1.0.126(C10E11R5P1)", }, { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, }, ], }, vendor_name: "Huawei", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en", refsource: "CONFIRM", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9257", datePublished: "2020-07-17T22:41:36", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:20.088Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9247
Vulnerability from cvelistv5
Published
2020-12-07 12:49
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Huawei | HONOR 20 PRO |
Version: unspecified < 10.1.0.230(C432E9R5P1) Version: unspecified < 10.1.0.231(C10E3R3P2) |
||||||||||||||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:20.138Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HONOR 20 PRO", vendor: "Huawei", versions: [ { lessThan: "10.1.0.230(C432E9R5P1)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.231(C10E3R3P2)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "HUAWEI Mate 20", vendor: "Huawei", versions: [ { lessThan: "10.1.0.160(C00E160R3P8)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "HUAWEI Mate 20 Pro", vendor: "Huawei", versions: [ { lessThan: "10.1.0.270(C432E7R1P5)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.270(C635E3R1P5)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.273(C185E7R2P4)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.273(C636E7R2P4)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.277(C10E7R2P4)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.277(C605E7R1P5)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "HUAWEI Mate 20 X", vendor: "Huawei", versions: [ { lessThan: "10.1.0.160(C00E160R2P8)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "HUAWEI P30", vendor: "Huawei", versions: [ { status: "affected", version: "9.1.0.272(C635E4R2P2)", }, { lessThan: "10.1.0.123(C432E22R2P5)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.126(C10E7R5P1)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.126(C185E4R7P1)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.126(C605E19R1P3)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.126(C636E5R3P4)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.126(C636E7R3P4)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "HUAWEI P30 Pro", vendor: "Huawei", versions: [ { lessThan: "10.1.0.160(C00E160R2P8)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "Hima-L29C", vendor: "Huawei", versions: [ { lessThan: "10.1.0.273(C185E5R2P4)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.273(C636E5R2P4)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.275(C10E4R2P4)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "Laya-AL00EP", vendor: "Huawei", versions: [ { lessThan: "10.1.0.160(C786E160R3P8)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "Princeton-AL10B", vendor: "Huawei", versions: [ { lessThan: "10.1.0.160(C00E160R2P11)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "Tony-AL00B", vendor: "Huawei", versions: [ { lessThan: "10.1.0.160(C00E160R2P11)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "Yale-L61A", vendor: "Huawei", versions: [ { lessThan: "10.1.0.225(C432E3R1P2)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "10.1.0.226(C10E3R1P1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "Yale-TL00B", vendor: "Huawei", versions: [ { lessThan: "10.1.0.160(C01E160R8P12)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "YaleP-AL10B", vendor: "Huawei", versions: [ { lessThan: "10.1.0.160(C00E160R8P12)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-07T12:49:00", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en", }, ], source: { advisory: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9247", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HONOR 20 PRO", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.230(C432E9R5P1)", }, { version_affected: "<", version_value: "10.1.0.231(C10E3R3P2)", }, ], }, }, { product_name: "HUAWEI Mate 20", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.160(C00E160R3P8)", }, ], }, }, { product_name: "HUAWEI Mate 20 Pro", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.270(C432E7R1P5)", }, { version_affected: "<", version_value: "10.1.0.270(C635E3R1P5)", }, { version_affected: "<", version_value: "10.1.0.273(C185E7R2P4)", }, { version_affected: "<", version_value: "10.1.0.273(C636E7R2P4)", }, { version_affected: "<", version_value: "10.1.0.277(C10E7R2P4)", }, { version_affected: "<", version_value: "10.1.0.277(C605E7R1P5)", }, ], }, }, { product_name: "HUAWEI Mate 20 X", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.160(C00E160R2P8)", }, ], }, }, { product_name: "HUAWEI P30", version: { version_data: [ { version_affected: "=", version_value: "9.1.0.272(C635E4R2P2)", }, { version_affected: "<", version_value: "10.1.0.123(C432E22R2P5)", }, { version_affected: "<", version_value: "10.1.0.126(C10E7R5P1)", }, { version_affected: "<", version_value: "10.1.0.126(C185E4R7P1)", }, { version_affected: "<", version_value: "10.1.0.126(C605E19R1P3)", }, { version_affected: "<", version_value: "10.1.0.126(C636E5R3P4)", }, { version_affected: "<", version_value: "10.1.0.126(C636E7R3P4)", }, ], }, }, { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.160(C00E160R2P8)", }, ], }, }, { product_name: "Hima-L29C", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.273(C185E5R2P4)", }, { version_affected: "<", version_value: "10.1.0.273(C636E5R2P4)", }, { version_affected: "<", version_value: "10.1.0.275(C10E4R2P4)", }, ], }, }, { product_name: "Laya-AL00EP", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.160(C786E160R3P8)", }, ], }, }, { product_name: "Princeton-AL10B", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.160(C00E160R2P11)", }, ], }, }, { product_name: "Tony-AL00B", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.160(C00E160R2P11)", }, ], }, }, { product_name: "Yale-L61A", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.225(C432E3R1P2)", }, { version_affected: "<", version_value: "10.1.0.226(C10E3R1P1)", }, ], }, }, { product_name: "Yale-TL00B", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.160(C01E160R8P12)", }, ], }, }, { product_name: "YaleP-AL10B", version: { version_data: [ { version_affected: "<", version_value: "10.1.0.160(C00E160R8P12)", }, ], }, }, ], }, vendor_name: "Huawei", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120 Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en", }, ], }, source: { advisory: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9247", datePublished: "2020-12-07T12:49:00", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:20.138Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9108
Vulnerability from cvelistv5
Published
2020-10-12 13:27
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:20.033Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.", }, ], problemTypes: [ { descriptions: [ { description: "Out-of-bounds Read and Write", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-12T13:27:20", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9108", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Out-of-bounds Read and Write", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9108", datePublished: "2020-10-12T13:27:20", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:20.033Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5215
Vulnerability from cvelistv5
Published
2019-06-04 18:44
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Huawei | P30,P30 Pro |
Version: The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) Version: The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:47:56.627Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "P30,P30 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)", }, { status: "affected", version: "The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)", }, ], }, ], datePublic: "2019-05-17T00:00:00", descriptions: [ { lang: "en", value: "There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)", }, ], problemTypes: [ { descriptions: [ { description: "man-in-the-middle", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-04T18:44:57", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5215", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "P30,P30 Pro", version: { version_data: [ { version_value: "The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)", }, { version_value: "The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)", }, ], }, }, ], }, vendor_name: "Huawei", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "man-in-the-middle", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en", refsource: "CONFIRM", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5215", datePublished: "2019-06-04T18:44:57", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:47:56.627Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5226
Vulnerability from cvelistv5
Published
2019-11-29 18:57
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | P30, P30 Pro, Mate 20, HiSuite |
Version: Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:47:56.805Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "P30, P30 Pro, Mate 20, HiSuite", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305", }, ], }, ], descriptions: [ { lang: "en", value: "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.", }, ], problemTypes: [ { descriptions: [ { description: "version downgrade", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-29T18:57:30", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5226", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "P30, P30 Pro, Mate 20, HiSuite", version: { version_data: [ { version_value: "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "version downgrade", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", refsource: "CONFIRM", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5226", datePublished: "2019-11-29T18:57:30", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:47:56.805Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9107
Vulnerability from cvelistv5
Published
2020-10-12 13:33
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:20.004Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.", }, ], problemTypes: [ { descriptions: [ { description: "Out-of-bounds Read and Write", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-12T13:33:25", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9107", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Out-of-bounds Read and Write", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9107", datePublished: "2020-10-12T13:33:25", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:20.004Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9081
Vulnerability from cvelistv5
Published
2024-12-27 09:34
Modified
2024-12-27 16:08
Severity ?
EPSS score ?
Summary
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Huawei | HUAWEI Mate 20 |
Version: Versions earlier than 10.1.0.160(C00E160R3P8) Version: Versions earlier than 10.1.0.160(C01E160R2P8) |
||||||||||||||||||||||||
|
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2020-9081", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-27T16:07:50.855336Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-27T16:08:00.642Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "HUAWEI Mate 20", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R3P8)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C01E160R2P8)", }, ], }, { defaultStatus: "unaffected", product: "HUAWEI P30", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P11)", }, ], }, { defaultStatus: "unaffected", product: "HUAWEI P30 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C01E160R2P8)", }, ], }, { defaultStatus: "unaffected", product: "Princeton-AL10D", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P11)", }, ], }, { defaultStatus: "unaffected", product: "Yale-AL00A", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R8P12)", }, ], }, { defaultStatus: "unaffected", product: "Yale-AL50A", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.88(C00E88R8P1)", }, ], }, { defaultStatus: "unaffected", product: "YaleP-AL10B", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R8P12)", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)</p><p></p><p>This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.</p>", }, ], value: "There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)\n\n\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-285", description: "CWE-285 Improper Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-27T09:34:40.332Z", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { url: "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200826-15-smartphone-en", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9081", datePublished: "2024-12-27T09:34:40.332Z", dateReserved: "2020-02-18T00:00:00.000Z", dateUpdated: "2024-12-27T16:08:00.642Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9254
Vulnerability from cvelistv5
Published
2020-07-17 22:36
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Huawei | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.123(C432E19R2P5patch02) Version: Versions earlier than 10.1.0.126(C10E11R5P1) Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:20.123Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.123(C432E19R2P5patch02)", }, { status: "affected", version: "Versions earlier than 10.1.0.126(C10E11R5P1)", }, { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Logic Check Error", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-17T22:36:56", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9254", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.123(C432E19R2P5patch02)", }, { version_value: "Versions earlier than 10.1.0.126(C10E11R5P1)", }, { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, }, ], }, vendor_name: "Huawei", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Logic Check Error", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en", refsource: "CONFIRM", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9254", datePublished: "2020-07-17T22:36:56", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:20.123Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5227
Vulnerability from cvelistv5
Published
2019-11-29 19:24
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | P30, P30 Pro, Mate 20, HiSuite |
Version: Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:47:56.916Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "P30, P30 Pro, Mate 20, HiSuite", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305", }, ], }, ], descriptions: [ { lang: "en", value: "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.", }, ], problemTypes: [ { descriptions: [ { description: "version downgrade", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-29T19:24:05", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2019-5227", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "P30, P30 Pro, Mate 20, HiSuite", version: { version_data: [ { version_value: "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "version downgrade", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", refsource: "CONFIRM", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2019-5227", datePublished: "2019-11-29T19:24:05", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:47:56.916Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9095
Vulnerability from cvelistv5
Published
2020-08-21 13:26
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:19.824Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service.", }, ], problemTypes: [ { descriptions: [ { description: "Integer Overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-21T13:26:27", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9095", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9095", datePublished: "2020-08-21T13:26:27", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:19.824Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9245
Vulnerability from cvelistv5
Published
2020-08-10 19:28
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | n/a | HUAWEI P30, HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P11) |
||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:20.131Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30, HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P11)", }, ], }, { product: "HUAWEI P30, HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-10T19:28:04", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9245", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30, HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R2P11)", }, ], }, }, ], }, vendor_name: "n/a", }, { product: { product_data: [ { product_name: "HUAWEI P30, HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9245", datePublished: "2020-08-10T19:28:04", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:20.131Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9089
Vulnerability from cvelistv5
Published
2024-12-27 09:44
Modified
2024-12-27 15:06
Severity ?
EPSS score ?
Summary
There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Huawei | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.120(C431E19R2P5) Version: Versions earlier than 10.1.0.120(C432E19R2P5) Version: Versions earlier than 10.1.0.126(C10E11R5P1) Version: Versions earlier than 10.1.0.126(C461E11R3P1) |
|
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2020-9089", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-27T15:06:25.692557Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-27T15:06:33.561Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "HUAWEI P30 Pro", vendor: "Huawei", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.120(C431E19R2P5)", }, { status: "affected", version: "Versions earlier than 10.1.0.120(C432E19R2P5)", }, { status: "affected", version: "Versions earlier than 10.1.0.126(C10E11R5P1)", }, { status: "affected", version: "Versions earlier than 10.1.0.126(C461E11R3P1)", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141)</p><p>This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089.</p>", }, ], value: "There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-27T09:44:20.785Z", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-09-smartphone-en", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9089", datePublished: "2024-12-27T09:44:20.785Z", dateReserved: "2020-02-18T00:00:00.000Z", dateUpdated: "2024-12-27T15:06:33.561Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9123
Vulnerability from cvelistv5
Published
2020-10-12 13:41
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:20.048Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Buffer Overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-12T13:41:48", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9123", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9123", datePublished: "2020-10-12T13:41:48", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:20.048Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-9106
Vulnerability from cvelistv5
Published
2020-10-12 13:43
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure.
References
▼ | URL | Tags |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:19:20.033Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "HUAWEI P30 Pro", vendor: "n/a", versions: [ { status: "affected", version: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, ], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "Path Traversal", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-12T13:43:54", orgId: "25ac1063-e409-4190-8079-24548c77ea2e", shortName: "huawei", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@huawei.com", ID: "CVE-2020-9106", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "HUAWEI P30 Pro", version: { version_data: [ { version_value: "Versions earlier than 10.1.0.160(C00E160R2P8)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Path Traversal", }, ], }, ], }, references: { reference_data: [ { name: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en", refsource: "MISC", url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "25ac1063-e409-4190-8079-24548c77ea2e", assignerShortName: "huawei", cveId: "CVE-2020-9106", datePublished: "2020-10-12T13:43:54", dateReserved: "2020-02-18T00:00:00", dateUpdated: "2024-08-04T10:19:20.033Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2019-11-29 20:15
Modified
2024-11-21 04:44
Severity ?
Summary
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | mate_20_firmware | * | |
huawei | mate_20 | - | |
huawei | hisuite_firmware | * | |
huawei | hisuite | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "685D05E1-BFE2-469D-AF24-B9B5175C2D3E", versionEndExcluding: "elle-al00b_9.1.0.193\\(c00e190r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1822A93-8ED2-4E74-8AE2-30176892F67B", versionEndExcluding: "vogue-al00a_9.1.0.193\\(c00e190r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7113FB5E-9B2A-4829-BB70-1067911BC880", versionEndExcluding: "hima-al00b_9.1.0.135\\(c00e133r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hisuite_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23B293EE-9920-42CB-AC07-17F004CFA501", versionEndExcluding: "9.1.0.305", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hisuite:-:*:*:*:*:*:*:*", matchCriteriaId: "2C5F20DB-9D2E-4357-89D4-62DC2A6E9F02", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.", }, { lang: "es", value: "Los teléfonos inteligentes P30, P30 Pro, Mate 20 con software de versiones anteriores a ELLE-AL00B 9.1.0.193(C00E190R2P1), versiones anteriores a VOGUE-AL00A 9.1.0.193(C00E190R2P1), versiones anteriores a Hima-AL00B 9.1.0.135(C00E133R2P1) y HiSuite con versiones anteriores a HiSuite 9.1.0.305, presenta una vulnerabilidad de degradado de versión. El dispositivo y el software HiSuite no comprueban el paquete de actualización lo suficiente, de modo que el sistema del teléfono inteligente puede degradarse a una versión anterior.", }, ], id: "CVE-2019-5227", lastModified: "2024-11-21T04:44:33.753", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-29T20:15:11.863", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-346", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-27 10:15
Modified
2025-01-13 18:58
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE102A6B-1DA7-43CA-9C8E-DA7E3C7FF8C2", versionEndExcluding: "10.1.0.120\\(c431e19r2p5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00376EE7-FED1-400D-8546-D726CDDAC892", versionEndExcluding: "10.1.0.120\\(c432e19r2p5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC534873-48EE-4C7F-A27E-DB70BA3FD5D0", versionEndExcluding: "10.1.0.126\\(c10e11r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55B88481-4861-4840-B1B2-0E5DD37CC4A5", versionEndExcluding: "10.1.0.126\\(c461e11r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089.", }, { lang: "es", value: "Existe una vulnerabilidad de información en los teléfonos inteligentes Huawei. Se puede llamar a una función de un módulo sin verificar el acceso del autor de la llamada. Los atacantes con acceso de usuario pueden aprovechar esta vulnerabilidad para obtener cierta información. Esto puede provocar una fuga de información. (ID de vulnerabilidad: HWPSIRT-2019-12141) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposición común (CVE): CVE-2020-9089.", }, ], id: "CVE-2020-9089", lastModified: "2025-01-13T18:58:56.063", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "psirt@huawei.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-12-27T10:15:13.487", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-09-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "psirt@huawei.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.", }, { lang: "es", value: "Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de lectura y escritura fuera de límites. Un atacante no autenticado diseña un mensaje malformado con un parámetro específico y envía el mensaje hacia los productos afectados. Debido a una comprobación insuficiente del mensaje, que puede ser explotado para causar el reinicio del proceso", }, ], id: "CVE-2020-9107", lastModified: "2024-11-21T05:40:03.097", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-12T14:15:14.230", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-21 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service.", }, { lang: "es", value: "Los teléfonos inteligentes HUAWEI P30 Pro con versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de lectura fuera de límites. Algunas funciones carecen de verificación cuando procesan algunos mensajes enviados desde otro módulo. Unos atacantes pueden explotar esta vulnerabilidad mediante el envío de mensajes maliciosos para causar una lectura fuera de límites. Esto puede comprometer el servicio normal.", }, ], id: "CVE-2020-9096", lastModified: "2024-11-21T05:40:00.993", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-21T14:15:11.277", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-07 13:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F274713-28DD-423D-9298-F0D05465D654", versionEndExcluding: "10.1.0.230\\(c432e9r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "165A8717-DD86-4BC0-AB3C-BD7F92DF68CD", versionEndExcluding: "10.1.0.160\\(c00e160r3p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AAE421D2-9633-43AA-8548-9F2E8A7B724A", versionEndExcluding: "10.1.0.270\\(c432e7r1p5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73419613-9F87-4E99-9A8D-D8B6B74F882D", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5FD3779B-F943-4B7E-BF82-AA4A051D02C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:9.1.0.272\\(c635e4r2p2\\):*:*:*:*:*:*:*", matchCriteriaId: "09F3E84F-6F0A-40BC-91D5-C08A065EE345", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "171D6C45-8616-4D7A-8869-7C69DB877316", versionEndExcluding: "10.1.0.273\\(c185e5r2p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "366DC5C5-9276-4921-9ABD-92941B0CEE6D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:laya-al00ep_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EBD1414-620B-4367-BF57-9AED468EA81C", versionEndExcluding: "10.1.0.160\\(c786e160r3p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*", matchCriteriaId: "5B3A54AE-DC30-429B-8FB8-BE6EB933E685", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:princeton-al10b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B4B9600-877F-458C-8E89-40E0B0D21E8A", versionEndExcluding: "10.1.0.160\\(c00e160r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*", matchCriteriaId: "D9F930E0-D32C-4D37-8A1D-78D4BFAECF37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21BE2094-71C2-4C64-860E-67DE745110AD", versionEndExcluding: "10.1.0.160\\(c00e160r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*", matchCriteriaId: "0E14B978-2A3C-4F55-8E3A-BA41AB137C33", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DAF4CBFD-6BB8-46B0-85B2-C2C144190AA0", versionEndExcluding: "10.1.0.225\\(c432e3r1p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*", matchCriteriaId: "5AB7B562-CDE8-47F2-8537-52AB3640E218", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-tl00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4C61685-A7A9-4E2E-BA7B-15A3C32B3F4B", versionEndExcluding: "10.1.0.160\\(c01e160r8p12\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-tl00b:-:*:*:*:*:*:*:*", matchCriteriaId: "A4177D27-D234-4BBF-A4D9-1C0DCE5B322C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yalep-al10b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A68AFA26-2D0F-4896-AB42-4E3327935F9D", versionEndExcluding: "10.1.0.160\\(c00e160r8p12\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D81385-913B-4A38-A712-41CAE7B78DF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A8A96B1-0C57-4BDE-A4A4-1409A19B8C88", versionEndExcluding: "10.1.0.231\\(c10e3r3p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD6E8C02-F0E4-456E-A456-93FC2C568DF2", versionEndExcluding: "10.1.0.270\\(c635e3r1p5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9AA09E4-2CEF-4482-AA24-00AF0C2E7050", versionEndExcluding: "10.1.0.273\\(c185e7r2p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45D23DA1-BD80-4157-A418-56A8B5DA544D", versionEndExcluding: "10.1.0.273\\(c636e7r2p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07AE032D-2BA2-4717-8280-98182B3A61AB", versionEndExcluding: "10.1.0.277\\(c10e7r2p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC8A76AE-FE0F-4C53-86EC-7663351D4EF9", versionEndExcluding: "10.1.0.277\\(c605e7r1p5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "17DCDDE2-A0F8-451D-8B92-029EAD61A6D2", versionEndExcluding: "10.1.0.123\\(c432e22r2p5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "67F9D5D0-FA78-4FE6-945F-C92692EE5E15", versionEndExcluding: "10.1.0.126\\(c10e7r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7AB36260-4707-4F6C-A5EF-9948BB1C5018", versionEndExcluding: "10.1.0.126\\(c185e4r7p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EC986DB-F634-4E50-9934-AE9406CBA72A", versionEndExcluding: "10.1.0.126\\(c605e19r1p3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA764DAA-0533-4A69-95A3-00260583800B", versionEndExcluding: "10.1.0.126\\(c636e5r3p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A19133CB-485B-4FF9-A103-6A76CB9332F5", versionEndExcluding: "10.1.0.126\\(c636e7r3p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDF06609-7E15-4F42-A112-9925185F5925", versionEndExcluding: "10.1.0.273\\(c636e5r2p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "366DC5C5-9276-4921-9ABD-92941B0CEE6D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6066AB6A-2C61-4192-95DE-9CF1173F5666", versionEndExcluding: "10.1.0.275\\(c10e4r2p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "366DC5C5-9276-4921-9ABD-92941B0CEE6D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3687F033-B75A-497E-B435-87D5D2F2A071", versionEndExcluding: "10.1.0.226\\(c10e3r1p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*", matchCriteriaId: "5AB7B562-CDE8-47F2-8537-52AB3640E218", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.", }, { lang: "es", value: "Se presenta una vulnerabilidad de desbordamiento del búfer en varios productos de Huawei. El sistema no valida suficientemente ciertos parámetros de configuración que son pasados desde usuario y que causarían un desbordamiento del búfer. El atacante debería engañar al usuario para que instale y ejecute una aplicación maliciosa con un alto privilegio; una explotación con éxito puede provocar una ejecución de código. Los productos afectados incluyen Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B y YaleP- AL10B", }, ], id: "CVE-2020-9247", lastModified: "2024-11-21T05:40:15.980", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-07T13:15:11.123", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "psirt@huawei.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-11 19:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "165A8717-DD86-4BC0-AB3C-BD7F92DF68CD", versionEndExcluding: "10.1.0.160\\(c00e160r3p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9CAC2512-1577-4DB3-AC23-A5F4BF0D9127", versionEndExcluding: "10.1.0.270\\(c431e7r1p5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73419613-9F87-4E99-9A8D-D8B6B74F882D", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5FD3779B-F943-4B7E-BF82-AA4A051D02C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29C7558A-D8B6-4773-A14D-38EDFFD96E5E", versionEndExcluding: "10.1.0.160\\(c00e160r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "939C475D-62F1-4739-A010-8EB1D254352D", versionEndExcluding: "10.1.0.160\\(c786e160r3p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*", matchCriteriaId: "99DD3EC3-7E9B-4904-8317-C3528D1CAFEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_magic_2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EA59594-AD02-44FC-B3A4-91D961A5A81D", versionEndExcluding: "10.0.0.187\\(c00e61r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_magic_2:-:*:*:*:*:*:*:*", matchCriteriaId: "3F3A0DA8-F39F-4343-856C-4BCDFB874DD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2972F40-6507-40D2-8F9B-40A3BDBC6142", versionEndExcluding: "10.0.0.175\\(c00e58r4p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*", matchCriteriaId: "55571AAC-B8B2-48D0-8486-BB2992A39568", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EB8A69A7-BDA8-42C7-800D-A15928E1FDBC", versionEndExcluding: "10.0.0.194\\(c00e62r8p12\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6F48C40-4FAC-4311-98F1-99FC480C2C90", versionEndExcluding: "10.0.0.188\\(c00e62r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*", matchCriteriaId: "2FF332D5-0799-487A-970B-E0FB7435207D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD6E8C02-F0E4-456E-A456-93FC2C568DF2", versionEndExcluding: "10.1.0.270\\(c635e3r1p5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45D23DA1-BD80-4157-A418-56A8B5DA544D", versionEndExcluding: "10.1.0.273\\(c636e7r2p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_magic_2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EA59594-AD02-44FC-B3A4-91D961A5A81D", versionEndExcluding: "10.0.0.187\\(c00e61r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_magic_2:-:*:*:*:*:*:*:*", matchCriteriaId: "3F3A0DA8-F39F-4343-856C-4BCDFB874DD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged", }, { lang: "es", value: "Versiones de HUAWEI Mate 20 Versiones anteriores a 10.1.0.160(C00E160R3P8); versiones de HUAWEI Mate 20 Pro Versiones anteriores a 10.1.0.270(C431E7R1P5), Versiones anteriores a 10.1.0.270(C635E3R1P5), Versiones anteriores a 10.1.0.273(C636E7R2WE); versiones de Mate 20 X Versiones anteriores a 10.1.0.160(C00E160R2P8); versiones de HUAWEI P30 Versiones anteriores a 10.1.0.160(C00E160R2P11); versiones de HUAWEI P30 Pro Versiones anteriores a 10.1.0.160(C00E160R2P8); versiones de HUAWEI Mate 20 RS Versiones anteriores a 10.1 .0.160(C786E160R3P8); versiones de HonorMagic2 Versiones anteriores a 10.0.0.187(C00E61R2P11); versiones de Honor20 Versiones anteriores a 10.0.0.175(C00E58R4P11); versiones de Honor20 PRO Versiones anteriores a 10.0.0.194(C00E62R8P12); versiones de HonorMagic2 10.0.0.187(C00E61R2P11); versiones de HonorV20 Versiones anteriores a 10.0.0.188(C00E62R2P11), presentan una vulnerabilidad de autenticación inapropiada. El sistema no firma adecuadamente determinado archivo cifrado, el atacante debe conseguir la clave usada para cifrar el archivo, una explotación con éxito podría causar que cierto archivo sea falsificado", }, ], id: "CVE-2020-9244", lastModified: "2024-11-21T05:40:15.390", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-11T19:15:17.687", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-27 20:15
Modified
2024-11-21 04:44
Severity ?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6645904-D2CA-4E35-BA98-DD5F3CAB3E96", versionEndExcluding: "9.1.0.333\\(c00e333r2p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*", matchCriteriaId: "0FA2B2F1-3D58-4DC7-AB7A-28BF8B282333", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:alp-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B6184CF-9037-4099-AD49-97D1BE85BBCA", versionEndExcluding: "9.1.0.300\\(c432e4r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:alp-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "34ACFA43-7B18-437C-91F8-07F7B265657B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:alp-l29_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FFFC3AFA-18D3-4B66-8096-E2DB298E9012", versionEndExcluding: "9.1.0.315\\(c636e5r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:alp-l29:-:*:*:*:*:*:*:*", matchCriteriaId: "316E46D1-B3CD-4783-A4CB-F68C215439F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C47EA7A-7F85-4BD3-A309-057D9EBC944A", versionEndExcluding: "9.1.0.321\\(c636e4r1p14t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1087EABB-4325-41EB-B09B-10F04A75C1C1", versionEndExcluding: "9.1.0.330\\(c432e6r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CB13FD96-6FCC-4CE8-9E57-530B294A192C", versionEndExcluding: "9.1.0.302\\(c635e4r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EB7A23D-805E-4DA1-AA7D-89A045BB47FD", versionEndExcluding: "9.1.0.333\\(c00e333r2p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*", matchCriteriaId: "C219B9CA-00AE-4B6B-A1BE-63AF154F1E50", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BB64041-1B61-490E-BA4D-08F9B178CD7D", versionEndExcluding: "9.1.0.350\\(c10e3r1p14t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "DB51593F-70AE-47F6-AFE5-02693181E599", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "865F26AC-8EA6-4003-953C-1FF933AC2A25", versionEndExcluding: "9.1.0.351\\(c432e5r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "DB51593F-70AE-47F6-AFE5-02693181E599", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DA96859C-81F6-4227-B228-BF6C82451A1B", versionEndExcluding: "9.1.0.350\\(c636e4r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "DB51593F-70AE-47F6-AFE5-02693181E599", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5700C010-5655-4421-AA6B-44DDA28E0E29", versionEndExcluding: "9.1.0.311\\(c185e4r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*", matchCriteriaId: "BC428982-90AF-4232-918C-BB8D5608927A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5EC9940-713C-4400-9EB0-23CDEF5E5CD0", versionEndExcluding: "9.1.0.345\\(c432e8r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*", matchCriteriaId: "BC428982-90AF-4232-918C-BB8D5608927A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "60FA31C3-4B67-40F9-9E39-92F7E25F50A0", versionEndExcluding: "9.1.0.325\\(c185e4r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F965BA36-4F41-485C-A7F0-95071BD356C8", versionEndExcluding: "9.1.0.335\\(c636e3r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B2253BA-D36C-4760-95C7-330C5BBE9B47", versionEndExcluding: "9.1.0.345\\(c432e8r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EC23449-4B1B-4FF2-AD65-1077C64B19E1", versionEndExcluding: "9.1.0.336\\(c605e3r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B37F0AE0-C461-4B70-B790-9606E2D27E0F", versionEndExcluding: "9.1.0.333\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*", matchCriteriaId: "2F63CA2F-45B8-4DD3-81AE-8359929AE50B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C77C9A1A-0B19-4976-8070-E3D79124C466", versionEndExcluding: "9.1.0.350\\(c461e3r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DD2B4309-0AA2-49A5-A103-0FD0CC893E04", versionEndExcluding: "9.1.0.350\\(c185e3r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F7B01B2-E3BA-49CF-B651-85404988A481", versionEndExcluding: "9.1.0.350\\(c10e5r1p14t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "74E0E881-4011-4D0E-BDE2-7FC6B0E2E28A", versionEndExcluding: "9.1.0.351\\(c432e5r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E07C41EF-6F24-4477-A32F-BEE404E4388E", versionEndExcluding: "9.1.0.333\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*", matchCriteriaId: "AB5193B7-6F3F-4249-BB74-62480893CAB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A20CF38-1A24-4C53-A8A9-D9F90CD3DEF5", versionEndExcluding: "9.1.0.328\\(c185e1r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C049681E-B4CE-4199-9B8A-55430F64E98E", versionEndExcluding: "9.1.0.328\\(c432e1r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B7D1955-668A-4849-83A9-AD79F1AECE00", versionEndExcluding: "9.1.0.330\\(c461e1r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BBCE23A8-5556-47D3-94D5-3B838290E313", versionEndExcluding: "9.1.0.328\\(c636e2r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F69B82AD-34E2-4ED6-AACD-355982232959", versionEndExcluding: "9.1.0.336\\(c605e4r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*", matchCriteriaId: "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D91A6502-BDFF-45ED-A324-297E8B376AEF", versionEndExcluding: "9.1.0.311\\(c185e2r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*", matchCriteriaId: "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF7E1345-CAF2-4414-9C04-925AF467629B", versionEndExcluding: "9.1.0.345\\(c432e10r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*", matchCriteriaId: "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D691689C-4EA7-4C2B-82FF-EBF7E1914C2B", versionEndExcluding: "9.1.0.311\\(c605e2r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1ED8852-7D46-493C-9A4B-0D267C4AF7A9", versionEndExcluding: "9.1.0.311\\(c636e7r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DD58E3B6-C4C5-4114-87A8-AA8BBBED1014", versionEndExcluding: "9.1.0.311\\(c432e7r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1E46E7C-762A-42EF-8FFF-C958855BC69C", versionEndExcluding: "9.1.0.311\\(c185e3r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*", matchCriteriaId: "AEB4EC14-14DE-4AAF-A951-071B4E39270A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5384ACB4-5D30-4E01-8F54-F896C6027EFC", versionEndExcluding: "9.1.0.310\\(c636e3r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*", matchCriteriaId: "AEB4EC14-14DE-4AAF-A951-071B4E39270A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B4C2C1A-4CC6-4706-8BCF-26C013FB75F2", versionEndExcluding: "9.1.0.310\\(c432e3r1p12\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*", matchCriteriaId: "AEB4EC14-14DE-4AAF-A951-071B4E39270A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "242DFB51-97EC-4190-A6FA-EF748BA007FE", versionEndExcluding: "9.1.0.131\\(c00e131r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8EAE5CB4-FBF2-4570-9419-E7F1C11771FD", versionEndExcluding: "9.1.0.310\\(c185e10r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "26909FF8-9B5D-4AF8-A811-3ECB5AE5F0AC", versionEndExcluding: "9.1.0.135\\(c786e133r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*", matchCriteriaId: "99DD3EC3-7E9B-4904-8317-C3528D1CAFEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8F891A4-1B1B-4B8B-B160-9279BC9F1F1D", versionEndExcluding: "9.1.0.135\\(c00e133r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5FD3779B-F943-4B7E-BF82-AA4A051D02C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9B05287-637D-4BCD-A153-54C4E2D5328D", versionEndExcluding: "9.1.0.333\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*", matchCriteriaId: "7492911B-4242-4947-9DED-9F48FC0875CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D54686F0-EECF-4E50-B5C0-BB940D4FC533", versionEndExcluding: "9.1.0.333\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6B315FBC-8BF9-4256-80F9-63EFF0806BEB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "24F40E10-DBB7-4A3F-8AC7-CFA0255F0938", versionEndExcluding: "9.1.0.193", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC306039-7878-426F-821D-306001CA3E92", versionEndExcluding: "9.1.0.186\\(c00e180r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0AEA14A-FD7D-42FD-BED2-C88E5FBE2E17", versionEndExcluding: "9.1.0.220\\(c605e3r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "F48ABE15-BC87-4B02-8B39-94DA1DC96B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:nova_lite_3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1532C2F4-2A09-45F8-9290-7F9211DAF5DD", versionEndExcluding: "9.1.0.305\\(c635e8r2p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9EEA4B63-97F3-4BAB-B96E-4C36D9B0FDE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_10_lite_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B4FAF6E-6457-482C-B93E-DB2F782A2232", versionEndExcluding: "9.1.0.283\\(c605e8r2p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "033EDED3-AF7B-40D7-A467-E3AAAFB88AE4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B76E03E9-CC25-4B3D-A236-71F132DFF08F", versionEndExcluding: "9.1.0.221\\(c461e2r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*", matchCriteriaId: "E7635502-0FD1-464E-8C64-1E8FF6235495", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC5ED827-6CFC-4D8A-863F-B5BC2574833A", versionEndExcluding: "9.1.0.238\\(c432e1r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*", matchCriteriaId: "6A55CF4F-8E86-419C-845B-CE60070620A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:jackman-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07F21804-A0B9-48C5-A5E8-144FC3F1476F", versionEndExcluding: "9.1.0.247\\(c636e2r4p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:jackman-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "B99E236E-D36C-4FE9-93C2-10D01A3A7390", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:paris-l21b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B99A82F1-6AC5-49A9-BBD6-84021EE314AB", versionEndExcluding: "9.1.0.331\\(c432e1r1p2t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*", matchCriteriaId: "5B3765F0-677E-48FA-8A70-8F5A69660DC0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:paris-l21meb_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F496B865-29EC-40FD-80E7-4743DD9B63F3", versionEndExcluding: "9.1.0.331\\(c185e4r1p3t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*", matchCriteriaId: "010590E4-2979-4AE3-9B94-7C1BC5CE0533", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:paris-l29b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5FA05B35-9F89-4048-A533-C940AC64164A", versionEndExcluding: "9.1.0.331\\(c636e1r1p3t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*", matchCriteriaId: "143485B2-5216-4190-8306-63D12362F6AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-al00_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE6D5B81-ED8D-41C1-88DD-9FD23EBD1ABE", versionEndExcluding: "9.1.0.212\\(c00e62r1p7t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*", matchCriteriaId: "66A35E71-4D6A-494D-882B-987CE16E3467", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE088454-B444-4A45-B7FF-498354EBACBD", versionEndExcluding: "9.1.0.215\\(c432e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "C949EB56-D8A6-4D5C-98B4-3FF056536BF1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E3BA431-B89F-4DAC-80DD-2DD278D6FE2B", versionEndExcluding: "9.1.0.213\\(c185e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "C949EB56-D8A6-4D5C-98B4-3FF056536BF1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l21br_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1689E3E-37B9-4EDC-A583-BCB3A7D78EA1", versionEndExcluding: "9.1.0.213\\(c185e1r1p2t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*", matchCriteriaId: "BD953016-2468-40BD-8383-9105BA297C26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F41F75B-B181-4B2A-8331-64D77A795FA2", versionEndExcluding: "9.1.0.258\\(c636e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "40DAF023-9D20-4262-B5BE-F3C61906C9BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l22br_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EACD275C-05DB-4E79-86B7-18892C66ACD6", versionEndExcluding: "9.1.0.258\\(c636e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*", matchCriteriaId: "EE0C17CF-D4AA-460E-815F-32FB5C8702A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-al00_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF59B4B4-E0F6-43F4-9DC8-6330D8E54957", versionEndExcluding: "9.1.0.228\\(c00e78r1p7t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*", matchCriteriaId: "FF9295B5-8194-4AE9-91B3-5AD3C79FB9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FA53F55-8938-4DA9-B41A-D7E430D2A16F", versionEndExcluding: "9.1.0.215\\(c782e2r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "098FDD61-E3C6-4A7B-8EC7-9F4F847F2D85", versionEndExcluding: "9.1.0.213\\(c185e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB62B7A4-3FE5-4BBF-A63B-B8BA55689532", versionEndExcluding: "9.1.0.270\\(c432e3r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l03_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D84E8681-137D-497C-A4E9-7A9518519669", versionEndExcluding: "9.1.0.217\\(c605e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*", matchCriteriaId: "AAAB87A0-CF6A-4219-973C-EFEE5A4C6657", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73849B9E-BD8E-46A9-9D79-41210455C02B", versionEndExcluding: "9.1.0.221\\(c461e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "FCE69226-79D4-4CB9-8E81-BC82A8A98095", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "06D9B4FD-5C40-4824-A64F-BD324E87D5AD", versionEndExcluding: "9.1.0.215\\(c432e4r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "FCE69226-79D4-4CB9-8E81-BC82A8A98095", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C93CDC1-1F31-44A2-AFE8-3744121F7BB8", versionEndExcluding: "9.1.0.259\\(c185e1r1p2t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "D7D9B914-5EDF-46A5-992B-EBD49191EC4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "41406787-C8CD-426A-9F5B-E2D99430BD10", versionEndExcluding: "9.1.0.220\\(c635e1r1p2t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "D7D9B914-5EDF-46A5-992B-EBD49191EC4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D745CD0-C26D-4E73-9BFA-68E0C11E5E64", versionEndExcluding: "9.1.0.216\\(c569e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "D7D9B914-5EDF-46A5-992B-EBD49191EC4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l23_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28BB1F95-8AB3-46EA-8509-A48B8FEC51CD", versionEndExcluding: "9.1.0.226\\(c605e2r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*", matchCriteriaId: "EE752CEC-D5BA-4C59-A2F1-9D13B3B8A6D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "782EE52E-D3F2-4DAA-886D-82C04BAB405F", versionEndExcluding: "9.1.0.154\\(c432e2r3p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BAB5A99-C9EC-479C-9FD9-B444DA0C3E7E", versionEndExcluding: "9.1.0.154\\(c461e2r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6D99D9D-6569-44B3-B437-6E26D70427E9", versionEndExcluding: "9.1.0.154\\(c636e2r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF22C4E0-04AD-4E29-AE33-683DB15B9999", versionEndExcluding: "9.1.0.152\\(c00e150r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*", matchCriteriaId: "55571AAC-B8B2-48D0-8486-BB2992A39568", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_magic2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE504AB8-68B4-4C72-A5B5-1127487CA3B0", versionEndExcluding: "10.0.0.187", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_magic2:-:*:*:*:*:*:*:*", matchCriteriaId: "86489593-F6E2-480E-9381-540FA4256A84", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "302DF5FB-66EA-461B-8AD8-46ED1A915C4E", versionEndExcluding: "9.1.0.234\\(c00e234r4p3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*", matchCriteriaId: "2FF332D5-0799-487A-970B-E0FB7435207D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)", }, { lang: "es", value: "Hay dos vulnerabilidades de denegación de servicio en algunos teléfonos inteligentes Huawei. Un atacante puede enviar mensajes TD-SCDMA especialmente diseñados desde una estación base no autorizada a los dispositivos afectados. Debido a una comprobación insuficiente de entrada de dos valores al analizar los mensajes, una explotación con éxito puede causar un dispositivo anormal. Esta es 1 de 2 vulnerabilidades. Diferente a CVE-2020-5303. Los productos afectados y sus son: ALP-AL00B: anteriores a 9.1.0.333(C00E333R2P1T8) ALP-L09: anteriores a 9.1.0.300(C432E4R1P9T8) ALP-L29: anteriores a 9.1.0.315(C636E5R1P13T8) BLA-L29C: anteriores a 9.1.0.321(C636E4R1P14T8), anteriores a 9.1.0.330(C432E6R1P12T8), anteriores a 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: anteriores a 9.1.0.333(C00E333R2P1T8) Berkeley-L09: anteriores a 9.1.0.350(C10E3R1P14T8), anteriores a 9.1.0.351(C432E5R1P13T8), anteriores a 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: anteriores a 9.1.0.311(C185E4R1P11T8), anteriores a 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: anteriores a 9.1.0.325(C185E4R1P11T8), anteriores a 9.1.0.335(C636E3R1P13T8), anteriores a 9.1.0.345(C432E8R1P11T8), anteriores a 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: anteriores a 9.1.0.333(C00E333R1P1T8) Columbia-L29D: anteriores a 9.1.0.350(C461E3R1P11T8), anteriores a 9.1.0.350(C185E3R1P12T8), anteriores a 9.1.0.350(C10E5R1P14T8), anteriores a 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: anteriores a 9.1.0.333(C00E333R1P1T8) Cornell-L29A: anteriores a 9.1.0.328(C185E1R1P9T8), anteriores a 9.1.0.328(C432E1R1P9T8), anteriores a 9.1.0.330(C461E1R1P9T8), anteriores a 9.1.0.328(C636E2R1P12T8) Emily-L09C: anteriores a 9.1.0.336(C605E4R1P12T8), anteriores a 9.1.0.311(C185E2R1P12T8), anteriores a 9.1.0.345(C432E10R1P12T8) Emily-L29C: anteriores a 9.1.0.311(C605E2R1P12T8), anteriores a 9.1.0.311(C636E7R1P13T8), anteriores a 9.1.0.311(C432E7R1P11T8) Ever-L29B: anteriores a 9.1.0.311(C185E3R3P1), anteriores a 9.1.0.310(C636E3R2P1), anteriores a 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: anteriores a 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: anteriores a 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: anteriores a 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: anteriores a 9.1.0.135(C00E133R2P1) HUAWEI P20: anteriores a 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: anteriores a 9.1.0.333(C00E333R1P1T8) HUAWEI P30: anteriores a 9.1.0.193 HUAWEI P30 Pro: anteriores a 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: anteriores a 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: anteriores a 9.1.0.305(C635E8R2P2) Honor 10 Lite: anteriores a 9.1.0.283(C605E8R2P2) Honor 8X: anteriores a 9.1.0.221(C461E2R1P1T8) Honor View 20: anteriores a 9.1.0.238(C432E1R3P1) Jackman-L22: anteriores a 9.1.0.247(C636E2R4P1T8) Paris-L21B: anteriores a 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: anteriores a 9.1.0.331(C185E4R1P3T8) Paris-L29B: anteriores a 9.1.0.331(C636E1R1P3T8) Sydney-AL00: anteriores a 9.1.0.212(C00E62R1P7T8) Sydney-L21: anteriores a 9.1.0.215(C432E1R1P1T8), anteriores a 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: anteriores a 9.1.0.213(C185E1R1P2T8) Sydney-L22: anteriores a 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: anteriores a 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: anteriores a 9.1.0.228(C00E78R1P7T8) SydneyM-L01: anteriores a 9.1.0.215(C782E2R1P1T8), anteriores a 9.1.0.213(C185E1R1P1T8), anteriores a 9.1.0.270(C432E3R1P1T8) SydneyM-L03: anteriores a 9.1.0.217(C605E1R1P1T8) SydneyM-L21: anteriores a 9.1.0.221(C461E1R1P1T8), anteriores a 9.1.0.215(C432E4R1P1T8) SydneyM-L22: anteriores a 9.1.0.259(C185E1R1P2T8), anteriores a 9.1.0.220(C635E1R1P2T8), anteriores a 9.1.0.216(C569E1R1P1T8) SydneyM-L23: anteriores a 9.1.0.226(C605E2R1P1T8) Yale-L21A: anteriores a 9.1.0.154(C432E2R3P2), anteriores a 9.1.0.154(C461E2R2P1), anteriores a 9.1.0.154(C636E2R2P1) Honor 20: anteriores a 9.1.0.152(C00E150R5P1) Honor Magic2: anteriores a 10.0.0.187 Honor V20: anteriores a 9.1.0.234(C00E234R4P3)", }, ], id: "CVE-2019-5302", lastModified: "2024-11-21T04:44:42.343", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-27T20:15:12.337", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-06 19:15
Modified
2024-11-21 05:11
Severity ?
Summary
HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29C7558A-D8B6-4773-A14D-38EDFFD96E5E", versionEndExcluding: "10.1.0.160\\(c00e160r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.", }, { lang: "es", value: "HUAWEI P30 con versiones anteriores a 10.1.0.160(C00E160R2P11) y HUAWEI P30 Pro con versiones anteriores a 10.1.0.160(C00E160R2P8), presenta una vulnerabilidad de divulgación de información. Una configuración predeterminada de ciertas funciones en el sistema parece no segura, un atacante debería diseñar un hotspot WI-FI para iniciar el ataque. Una explotación con éxito podría causar una divulgación de información", }, ], id: "CVE-2020-1836", lastModified: "2024-11-21T05:11:27.817", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-06T19:15:12.400", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-29 20:15
Modified
2024-11-21 04:44
Severity ?
Summary
P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | mate_20_firmware | * | |
huawei | mate_20 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "70FD7015-D62E-41DB-A19B-AF74689761E1", versionEndExcluding: "elle-al00b_9.1.0.193\\(c00e190r1p21\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A40DE867-C2EC-4330-AE41-1F587DE5F715", versionEndExcluding: "hima-al00b_9.1.0.135\\(c00e200r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94C7C746-665F-492B-B0CB-F9DA7CEDF907", versionEndExcluding: "vogue-al00a_9.1.0.193\\(c00e190r1p12\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution.", }, { lang: "es", value: "Los teléfonos inteligentes P30, Mate 20, P30 Pro con software de versiones anteriores a ELLE-AL00B 9.1.0.193(C00E190R1P21), versiones anteriores a Hima-AL00B 9.1.0.135(C00E200R2P1), versiones anteriores a VOGUE-AL00A 9.1.0.193(C00E190R1P12), presentan varias vulnerabilidades de desbordamiento de búfer, el sistema no comprueba apropiadamente cierto parámetro de longitud que una aplicación transporta al kernel. Un atacante engaña al usuario para instalar una aplicación maliciosa, una explotación con éxito podría causar una ejecución de código malicioso.", }, ], id: "CVE-2019-5225", lastModified: "2024-11-21T04:44:33.507", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-29T20:15:11.753", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-12 23:15
Modified
2024-11-21 04:44
Severity ?
Summary
Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | honor_v20_firmware | * | |
huawei | honor_v20 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "70FD7015-D62E-41DB-A19B-AF74689761E1", versionEndExcluding: "elle-al00b_9.1.0.193\\(c00e190r1p21\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94C7C746-665F-492B-B0CB-F9DA7CEDF907", versionEndExcluding: "vogue-al00a_9.1.0.193\\(c00e190r1p12\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB61728E-3EBB-4C72-8669-5177291B7538", versionEndExcluding: "princeton-al10b_9.1.0.233\\(c00e233r4p3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*", matchCriteriaId: "2FF332D5-0799-487A-970B-E0FB7435207D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution.", }, { lang: "es", value: "Ciertos módulos de detección de teléfonos inteligentes P30, P30 Pro, Honor V20 con versiones anteriores a ELLE-AL00B 9.1.0.193(C00E190R1P21), versiones anteriores a VOGUE-AL00A 9.1.0.193(C00E190R1P12), versiones anteriores a Princeton-AL10B 9.1.0.233(C00E233R4P3), presentan una vulnerabilidad de condición de carrera. El sistema no bloquea determinadas funciones apropiadamente, cuando la función es invocada por múltiples procesos podría causar una escritura fuera del límite. Un atacante engaña al usuario para que instale una aplicación maliciosa, una explotación con éxito podría causar una ejecución de código malicioso.", }, ], id: "CVE-2019-5228", lastModified: "2024-11-21T04:44:33.877", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-12T23:15:10.223", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-27 20:15
Modified
2024-11-21 04:44
Severity ?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6645904-D2CA-4E35-BA98-DD5F3CAB3E96", versionEndExcluding: "9.1.0.333\\(c00e333r2p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*", matchCriteriaId: "0FA2B2F1-3D58-4DC7-AB7A-28BF8B282333", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:alp-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B6184CF-9037-4099-AD49-97D1BE85BBCA", versionEndExcluding: "9.1.0.300\\(c432e4r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:alp-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "34ACFA43-7B18-437C-91F8-07F7B265657B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:alp-l29_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FFFC3AFA-18D3-4B66-8096-E2DB298E9012", versionEndExcluding: "9.1.0.315\\(c636e5r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:alp-l29:-:*:*:*:*:*:*:*", matchCriteriaId: "316E46D1-B3CD-4783-A4CB-F68C215439F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C47EA7A-7F85-4BD3-A309-057D9EBC944A", versionEndExcluding: "9.1.0.321\\(c636e4r1p14t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1087EABB-4325-41EB-B09B-10F04A75C1C1", versionEndExcluding: "9.1.0.330\\(c432e6r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CB13FD96-6FCC-4CE8-9E57-530B294A192C", versionEndExcluding: "9.1.0.302\\(c635e4r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EB7A23D-805E-4DA1-AA7D-89A045BB47FD", versionEndExcluding: "9.1.0.333\\(c00e333r2p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*", matchCriteriaId: "C219B9CA-00AE-4B6B-A1BE-63AF154F1E50", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BB64041-1B61-490E-BA4D-08F9B178CD7D", versionEndExcluding: "9.1.0.350\\(c10e3r1p14t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "DB51593F-70AE-47F6-AFE5-02693181E599", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "865F26AC-8EA6-4003-953C-1FF933AC2A25", versionEndExcluding: "9.1.0.351\\(c432e5r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "DB51593F-70AE-47F6-AFE5-02693181E599", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DA96859C-81F6-4227-B228-BF6C82451A1B", versionEndExcluding: "9.1.0.350\\(c636e4r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "DB51593F-70AE-47F6-AFE5-02693181E599", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5700C010-5655-4421-AA6B-44DDA28E0E29", versionEndExcluding: "9.1.0.311\\(c185e4r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*", matchCriteriaId: "BC428982-90AF-4232-918C-BB8D5608927A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5EC9940-713C-4400-9EB0-23CDEF5E5CD0", versionEndExcluding: "9.1.0.345\\(c432e8r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*", matchCriteriaId: "BC428982-90AF-4232-918C-BB8D5608927A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "60FA31C3-4B67-40F9-9E39-92F7E25F50A0", versionEndExcluding: "9.1.0.325\\(c185e4r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F965BA36-4F41-485C-A7F0-95071BD356C8", versionEndExcluding: "9.1.0.335\\(c636e3r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B2253BA-D36C-4760-95C7-330C5BBE9B47", versionEndExcluding: "9.1.0.345\\(c432e8r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EC23449-4B1B-4FF2-AD65-1077C64B19E1", versionEndExcluding: "9.1.0.336\\(c605e3r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B37F0AE0-C461-4B70-B790-9606E2D27E0F", versionEndExcluding: "9.1.0.333\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*", matchCriteriaId: "2F63CA2F-45B8-4DD3-81AE-8359929AE50B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C77C9A1A-0B19-4976-8070-E3D79124C466", versionEndExcluding: "9.1.0.350\\(c461e3r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DD2B4309-0AA2-49A5-A103-0FD0CC893E04", versionEndExcluding: "9.1.0.350\\(c185e3r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F7B01B2-E3BA-49CF-B651-85404988A481", versionEndExcluding: "9.1.0.350\\(c10e5r1p14t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "74E0E881-4011-4D0E-BDE2-7FC6B0E2E28A", versionEndExcluding: "9.1.0.351\\(c432e5r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E07C41EF-6F24-4477-A32F-BEE404E4388E", versionEndExcluding: "9.1.0.333\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*", matchCriteriaId: "AB5193B7-6F3F-4249-BB74-62480893CAB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A20CF38-1A24-4C53-A8A9-D9F90CD3DEF5", versionEndExcluding: "9.1.0.328\\(c185e1r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C049681E-B4CE-4199-9B8A-55430F64E98E", versionEndExcluding: "9.1.0.328\\(c432e1r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B7D1955-668A-4849-83A9-AD79F1AECE00", versionEndExcluding: "9.1.0.330\\(c461e1r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BBCE23A8-5556-47D3-94D5-3B838290E313", versionEndExcluding: "9.1.0.328\\(c636e2r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F69B82AD-34E2-4ED6-AACD-355982232959", versionEndExcluding: "9.1.0.336\\(c605e4r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*", matchCriteriaId: "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D91A6502-BDFF-45ED-A324-297E8B376AEF", versionEndExcluding: "9.1.0.311\\(c185e2r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*", matchCriteriaId: "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF7E1345-CAF2-4414-9C04-925AF467629B", versionEndExcluding: "9.1.0.345\\(c432e10r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*", matchCriteriaId: "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D691689C-4EA7-4C2B-82FF-EBF7E1914C2B", versionEndExcluding: "9.1.0.311\\(c605e2r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1ED8852-7D46-493C-9A4B-0D267C4AF7A9", versionEndExcluding: "9.1.0.311\\(c636e7r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DD58E3B6-C4C5-4114-87A8-AA8BBBED1014", versionEndExcluding: "9.1.0.311\\(c432e7r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1E46E7C-762A-42EF-8FFF-C958855BC69C", versionEndExcluding: "9.1.0.311\\(c185e3r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*", matchCriteriaId: "AEB4EC14-14DE-4AAF-A951-071B4E39270A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5384ACB4-5D30-4E01-8F54-F896C6027EFC", versionEndExcluding: "9.1.0.310\\(c636e3r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*", matchCriteriaId: "AEB4EC14-14DE-4AAF-A951-071B4E39270A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B4C2C1A-4CC6-4706-8BCF-26C013FB75F2", versionEndExcluding: "9.1.0.310\\(c432e3r1p12\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*", matchCriteriaId: "AEB4EC14-14DE-4AAF-A951-071B4E39270A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "242DFB51-97EC-4190-A6FA-EF748BA007FE", versionEndExcluding: "9.1.0.131\\(c00e131r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8EAE5CB4-FBF2-4570-9419-E7F1C11771FD", versionEndExcluding: "9.1.0.310\\(c185e10r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "26909FF8-9B5D-4AF8-A811-3ECB5AE5F0AC", versionEndExcluding: "9.1.0.135\\(c786e133r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*", matchCriteriaId: "99DD3EC3-7E9B-4904-8317-C3528D1CAFEA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8F891A4-1B1B-4B8B-B160-9279BC9F1F1D", versionEndExcluding: "9.1.0.135\\(c00e133r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5FD3779B-F943-4B7E-BF82-AA4A051D02C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9B05287-637D-4BCD-A153-54C4E2D5328D", versionEndExcluding: "9.1.0.333\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*", matchCriteriaId: "7492911B-4242-4947-9DED-9F48FC0875CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D54686F0-EECF-4E50-B5C0-BB940D4FC533", versionEndExcluding: "9.1.0.333\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6B315FBC-8BF9-4256-80F9-63EFF0806BEB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "24F40E10-DBB7-4A3F-8AC7-CFA0255F0938", versionEndExcluding: "9.1.0.193", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC306039-7878-426F-821D-306001CA3E92", versionEndExcluding: "9.1.0.186\\(c00e180r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0AEA14A-FD7D-42FD-BED2-C88E5FBE2E17", versionEndExcluding: "9.1.0.220\\(c605e3r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "F48ABE15-BC87-4B02-8B39-94DA1DC96B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:nova_lite_3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1532C2F4-2A09-45F8-9290-7F9211DAF5DD", versionEndExcluding: "9.1.0.305\\(c635e8r2p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9EEA4B63-97F3-4BAB-B96E-4C36D9B0FDE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_10_lite_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B4FAF6E-6457-482C-B93E-DB2F782A2232", versionEndExcluding: "9.1.0.283\\(c605e8r2p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "033EDED3-AF7B-40D7-A467-E3AAAFB88AE4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B76E03E9-CC25-4B3D-A236-71F132DFF08F", versionEndExcluding: "9.1.0.221\\(c461e2r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*", matchCriteriaId: "E7635502-0FD1-464E-8C64-1E8FF6235495", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC5ED827-6CFC-4D8A-863F-B5BC2574833A", versionEndExcluding: "9.1.0.238\\(c432e1r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*", matchCriteriaId: "6A55CF4F-8E86-419C-845B-CE60070620A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:jackman-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07F21804-A0B9-48C5-A5E8-144FC3F1476F", versionEndExcluding: "9.1.0.247\\(c636e2r4p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:jackman-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "B99E236E-D36C-4FE9-93C2-10D01A3A7390", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:paris-l21b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B99A82F1-6AC5-49A9-BBD6-84021EE314AB", versionEndExcluding: "9.1.0.331\\(c432e1r1p2t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*", matchCriteriaId: "5B3765F0-677E-48FA-8A70-8F5A69660DC0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:paris-l21meb_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F496B865-29EC-40FD-80E7-4743DD9B63F3", versionEndExcluding: "9.1.0.331\\(c185e4r1p3t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*", matchCriteriaId: "010590E4-2979-4AE3-9B94-7C1BC5CE0533", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:paris-l29b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5FA05B35-9F89-4048-A533-C940AC64164A", versionEndExcluding: "9.1.0.331\\(c636e1r1p3t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*", matchCriteriaId: "143485B2-5216-4190-8306-63D12362F6AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-al00_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CE6D5B81-ED8D-41C1-88DD-9FD23EBD1ABE", versionEndExcluding: "9.1.0.212\\(c00e62r1p7t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*", matchCriteriaId: "66A35E71-4D6A-494D-882B-987CE16E3467", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE088454-B444-4A45-B7FF-498354EBACBD", versionEndExcluding: "9.1.0.215\\(c432e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "C949EB56-D8A6-4D5C-98B4-3FF056536BF1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E3BA431-B89F-4DAC-80DD-2DD278D6FE2B", versionEndExcluding: "9.1.0.213\\(c185e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "C949EB56-D8A6-4D5C-98B4-3FF056536BF1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l21br_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1689E3E-37B9-4EDC-A583-BCB3A7D78EA1", versionEndExcluding: "9.1.0.213\\(c185e1r1p2t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*", matchCriteriaId: "BD953016-2468-40BD-8383-9105BA297C26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F41F75B-B181-4B2A-8331-64D77A795FA2", versionEndExcluding: "9.1.0.258\\(c636e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "40DAF023-9D20-4262-B5BE-F3C61906C9BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l22br_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EACD275C-05DB-4E79-86B7-18892C66ACD6", versionEndExcluding: "9.1.0.258\\(c636e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*", matchCriteriaId: "EE0C17CF-D4AA-460E-815F-32FB5C8702A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-al00_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF59B4B4-E0F6-43F4-9DC8-6330D8E54957", versionEndExcluding: "9.1.0.228\\(c00e78r1p7t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*", matchCriteriaId: "FF9295B5-8194-4AE9-91B3-5AD3C79FB9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FA53F55-8938-4DA9-B41A-D7E430D2A16F", versionEndExcluding: "9.1.0.215\\(c782e2r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "098FDD61-E3C6-4A7B-8EC7-9F4F847F2D85", versionEndExcluding: "9.1.0.213\\(c185e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB62B7A4-3FE5-4BBF-A63B-B8BA55689532", versionEndExcluding: "9.1.0.270\\(c432e3r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l03_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D84E8681-137D-497C-A4E9-7A9518519669", versionEndExcluding: "9.1.0.217\\(c605e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*", matchCriteriaId: "AAAB87A0-CF6A-4219-973C-EFEE5A4C6657", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73849B9E-BD8E-46A9-9D79-41210455C02B", versionEndExcluding: "9.1.0.221\\(c461e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "FCE69226-79D4-4CB9-8E81-BC82A8A98095", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "06D9B4FD-5C40-4824-A64F-BD324E87D5AD", versionEndExcluding: "9.1.0.215\\(c432e4r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "FCE69226-79D4-4CB9-8E81-BC82A8A98095", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C93CDC1-1F31-44A2-AFE8-3744121F7BB8", versionEndExcluding: "9.1.0.259\\(c185e1r1p2t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "D7D9B914-5EDF-46A5-992B-EBD49191EC4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "41406787-C8CD-426A-9F5B-E2D99430BD10", versionEndExcluding: "9.1.0.220\\(c635e1r1p2t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "D7D9B914-5EDF-46A5-992B-EBD49191EC4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D745CD0-C26D-4E73-9BFA-68E0C11E5E64", versionEndExcluding: "9.1.0.216\\(c569e1r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "D7D9B914-5EDF-46A5-992B-EBD49191EC4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l23_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28BB1F95-8AB3-46EA-8509-A48B8FEC51CD", versionEndExcluding: "9.1.0.226\\(c605e2r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*", matchCriteriaId: "EE752CEC-D5BA-4C59-A2F1-9D13B3B8A6D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "782EE52E-D3F2-4DAA-886D-82C04BAB405F", versionEndExcluding: "9.1.0.154\\(c432e2r3p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BAB5A99-C9EC-479C-9FD9-B444DA0C3E7E", versionEndExcluding: "9.1.0.154\\(c461e2r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6D99D9D-6569-44B3-B437-6E26D70427E9", versionEndExcluding: "9.1.0.154\\(c636e2r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF22C4E0-04AD-4E29-AE33-683DB15B9999", versionEndExcluding: "9.1.0.152\\(c00e150r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*", matchCriteriaId: "55571AAC-B8B2-48D0-8486-BB2992A39568", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_magic2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE504AB8-68B4-4C72-A5B5-1127487CA3B0", versionEndExcluding: "10.0.0.187", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_magic2:-:*:*:*:*:*:*:*", matchCriteriaId: "86489593-F6E2-480E-9381-540FA4256A84", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "302DF5FB-66EA-461B-8AD8-46ED1A915C4E", versionEndExcluding: "9.1.0.234\\(c00e234r4p3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*", matchCriteriaId: "2FF332D5-0799-487A-970B-E0FB7435207D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)", }, { lang: "es", value: "Hay dos vulnerabilidades de denegación de servicio en algunos teléfonos inteligentes Huawei. Un atacante puede enviar mensajes TD-SCDMA especialmente diseñados desde una estación base no autorizada hacia los dispositivos afectados. Debido a la comprobación insuficiente de la entrada de dos valores al analizar los mensajes, una explotación con éxito puede causar un dispositivo anormal. Esta es la 2 de 2 vulnerabilidades. Diferente de CVE-2020-5302. Los productos afectados y sus son: ALP-AL00B: anteriores a 9.1.0.333(C00E333R2P1T8) ALP-L09: anteriores a 9.1.0.300(C432E4R1P9T8) ALP-L29: anteriores a 9.1.0.315(C636E5R1P13T8) BLA-L29C: anteriores a 9.1.0.321(C636E4R1P14T8), anteriores a 9.1.0.330(C432E6R1P12T8), anteriores a 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: anteriores a 9.1.0.333(C00E333R2P1T8) Berkeley-L09: anteriores a 9.1.0.350(C10E3R1P14T8), anteriores a 9.1.0.351(C432E5R1P13T8), anteriores a 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: anteriores a 9.1.0.311(C185E4R1P11T8), anteriores a 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: anteriores a 9.1.0.325(C185E4R1P11T8), anteriores a 9.1.0.335(C636E3R1P13T8), anteriores a 9.1.0.345(C432E8R1P11T8), anteriores a 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: anteriores a 9.1.0.333(C00E333R1P1T8) Columbia-L29D: anteriores a 9.1.0.350(C461E3R1P11T8), anteriores a 9.1.0.350(C185E3R1P12T8), anteriores a 9.1.0.350(C10E5R1P14T8), anteriores a 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: anteriores a 9.1.0.333(C00E333R1P1T8) Cornell-L29A: anteriores a 9.1.0.328(C185E1R1P9T8), anteriores a 9.1.0.328(C432E1R1P9T8), anteriores a 9.1.0.330(C461E1R1P9T8), anteriores a 9.1.0.328(C636E2R1P12T8) Emily-L09C: anteriores a 9.1.0.336(C605E4R1P12T8), anteriores a 9.1.0.311(C185E2R1P12T8), anteriores a 9.1.0.345(C432E10R1P12T8) Emily-L29C: anteriores a 9.1.0.311(C605E2R1P12T8), anteriores a 9.1.0.311(C636E7R1P13T8), anteriores a 9.1.0.311(C432E7R1P11T8) Ever-L29B: anteriores a 9.1.0.311(C185E3R3P1), anteriores a 9.1.0.310(C636E3R2P1), anteriores a 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: anteriores a 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: anteriores a 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: anteriores a 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: anteriores a 9.1.0.135(C00E133R2P1) HUAWEI P20: anteriores a 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: anteriores a 9.1.0.333(C00E333R1P1T8) HUAWEI P30: anteriores a 9.1.0.193 HUAWEI P30 Pro: anteriores a 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: anteriores a 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: anteriores a 9.1.0.305(C635E8R2P2) Honor 10 Lite: anteriores a 9.1.0.283(C605E8R2P2) Honor 8X: anteriores a 9.1.0.221(C461E2R1P1T8) Honor View 20: anteriores a 9.1.0.238(C432E1R3P1) Jackman-L22: anteriores a 9.1.0.247(C636E2R4P1T8) Paris-L21B: anteriores a 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: anteriores a 9.1.0.331(C185E4R1P3T8) Paris-L29B: anteriores a 9.1.0.331(C636E1R1P3T8) Sydney-AL00: anteriores a 9.1.0.212(C00E62R1P7T8) Sydney-L21: anteriores a 9.1.0.215(C432E1R1P1T8), anteriores a 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: anteriores a 9.1.0.213(C185E1R1P2T8) Sydney-L22: anteriores a 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: anteriores a 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: anteriores a 9.1.0.228(C00E78R1P7T8) SydneyM-L01: anteriores a 9.1.0.215(C782E2R1P1T8), anteriores a 9.1.0.213(C185E1R1P1T8), anteriores a 9.1.0.270(C432E3R1P1T8) SydneyM-L03: anteriores a 9.1.0.217(C605E1R1P1T8) SydneyM-L21: anteriores a 9.1.0.221(C461E1R1P1T8), anteriores a 9.1.0.215(C432E4R1P1T8) SydneyM-L22: anteriores a 9.1.0.259(C185E1R1P2T8), anteriores a 9.1.0.220(C635E1R1P2T8), anteriores a 9.1.0.216(C569E1R1P1T8) SydneyM-L23: anteriores a 9.1.0.226(C605E2R1P1T8) Yale-L21A: anteriores a 9.1.0.154(C432E2R3P2), anteriores a 9.1.0.154(C461E2R2P1), anteriores a 9.1.0.154(C636E2R2P1) Honor 20: anteriores a 9.1.0.152(C00E150R5P1) Honor Magic2: anteriores a 10.0.0.187 Honor V20: anteriores a 9.1.0.234(C00E234R4P3)", }, ], id: "CVE-2019-5303", lastModified: "2024-11-21T04:44:42.557", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-27T20:15:12.397", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure.", }, { lang: "es", value: "Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de salto de ruta. El sistema no comprueba suficientemente determinado nombre de ruta, una explotación con éxito podría permitir al atacante acceder a archivos y causar una divulgación de información", }, ], id: "CVE-2020-9106", lastModified: "2024-11-21T05:40:02.957", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-12T14:15:14.183", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-06-04 19:29
Modified
2024-11-21 04:44
Severity ?
Summary
There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | p30_firmware | * | |
huawei | p30 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AF7D1F2D-B51E-4ABF-B53D-6F4F7EE54081", versionEndExcluding: "vog-al00_9.1.0.162\\(c01e160r1p12\\/c01e160r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "55CF6874-A1F4-4F8D-AE66-2D5F8CE25B9C", versionEndExcluding: "ele-al00_9.1.0.162\\(c01e160r1p12\\/c01e160r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)", }, { lang: "es", value: "Existe una vulnerabilidad de man-in-the-middle (MITM) en las versiones de Teléfonos Huawei P30 antes de ELE-AL00 9.1.0.162 (C01E160R1P12 / C01E160R2P1), y P30 Pro versiones anteriores a VOG-AL00 9.1.0.162 (C01E160R1P12 / C01E160R2P1). Cuando los usuarios establecen la conexión y transfieren datos a través de Huawei Share, un atacante podría rastrear, falsificar y realizar una serie de operaciones para entrometerse en la conexión de Huawei Share y lanzar un ataque Man-in-the-middle para obtener y manipular los datos. (ID de vulnerabilidad: HWPSIRT-2019-03109)", }, ], id: "CVE-2019-5215", lastModified: "2024-11-21T04:44:31.840", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-04T19:29:00.227", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-15 16:15
Modified
2024-11-21 05:39
Severity ?
Summary
HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | tony-al00b_firmware | * | |
huawei | tony-al00b | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E435BD0-2D12-4A15-BF67-4E83C1848884", versionEndExcluding: "10.1.0.135\\(c00e135r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E5A64DE-1846-44E8-AA2D-E2EF15F308AA", versionEndExcluding: "10.1.0.135\\(c00e135r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B88F6982-D7F1-409D-A73C-4E439CA2CAD5", versionEndExcluding: "10.1.0.135\\(c01e135r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63B310F0-9165-48E3-9609-6CA49D6E10C5", versionEndExcluding: "10.1.0.137\\(c00e137r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*", matchCriteriaId: "0E14B978-2A3C-4F55-8E3A-BA41AB137C33", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL.", }, { lang: "es", value: "Los teléfonos inteligentes HUAWEI P30; HUAWEI P30 Pro; Tony-AL00B con versiones anteriores a 10.1.0.135(C00E135R2P11); versiones anteriores a 10.1.0.135(C00E135R2P8),versiones anteriores a 10.1.0.135, presentan una vulnerabilidad de autenticación inapropiada. Debido a que la identidad del remitente del mensaje no está siendo verificada apropiadamente, un atacante puede explotar esta vulnerabilidad por medio de un ataque de tipo man-in-the-middle para inducir a un usuario a acceder a una URL maliciosa", }, ], id: "CVE-2020-9076", lastModified: "2024-11-21T05:39:59.047", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-15T16:15:23.270", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-21 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service.", }, { lang: "es", value: "El teléfono inteligente HUAWEI P30 Pro con versiones anteriores a 10.1.0.160(C00E160R2P8), presenta una vulnerabilidad de desbordamiento de enteros. Algunas funciones carecen de comprobación cuando procesan algunos mensajes enviados desde otro módulo. Los atacantes pueden explotar esta vulnerabilidad mediante el envío de mensajes maliciosos que causen un desbordamiento de enteros. Esto puede comprometer el servicio normal.", }, ], id: "CVE-2020-9095", lastModified: "2024-11-21T05:40:00.847", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-21T14:15:11.217", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-10 20:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29C7558A-D8B6-4773-A14D-38EDFFD96E5E", versionEndExcluding: "10.1.0.160\\(c00e160r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function.", }, { lang: "es", value: "HUAWEI P30 versiones anteriores a 10.1.0.160(C00E160R2P11); HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de denegación de servicio. Determinada configuración del sistema puede ser modificada debido a una autorización inapropiada. El atacante podría engañar al usuario instalando y ejecutando una aplicación maliciosa, una explotación con éxito podría causar una condición de denegación de servicio de la función PHONE", }, ], id: "CVE-2020-9245", lastModified: "2024-11-21T05:40:15.703", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-10T20:15:11.923", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-11-29 19:15
Modified
2024-11-21 04:44
Severity ?
Summary
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | mate_20_firmware | * | |
huawei | mate_20 | - | |
huawei | hisuite_firmware | * | |
huawei | hisuite | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "685D05E1-BFE2-469D-AF24-B9B5175C2D3E", versionEndExcluding: "elle-al00b_9.1.0.193\\(c00e190r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1822A93-8ED2-4E74-8AE2-30176892F67B", versionEndExcluding: "vogue-al00a_9.1.0.193\\(c00e190r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7113FB5E-9B2A-4829-BB70-1067911BC880", versionEndExcluding: "hima-al00b_9.1.0.135\\(c00e133r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hisuite_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23B293EE-9920-42CB-AC07-17F004CFA501", versionEndExcluding: "9.1.0.305", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hisuite:-:*:*:*:*:*:*:*", matchCriteriaId: "2C5F20DB-9D2E-4357-89D4-62DC2A6E9F02", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.", }, { lang: "es", value: "Los teléfonos inteligentes P30, P30 Pro, Mate 20 con software de versiones anteriores a ELLE-AL00B 9.1.0.193(C00E190R2P1), versiones anteriores a VOGUE-AL00A 9.1.0.193(C00E190R2P1), versiones anteriores a Hima-AL00B 9.1.0.135 (C00E133R2P1) y HiSuite con versiones anteriores a HiSuite 9.1.0.305, presentan una vulnerabilidad de degradación de versión. El dispositivo y el software HiSuite no comprueban el paquete de actualización suficientemente, de modo que el sistema del teléfono inteligente puede degradarse a una versión anterior.", }, ], id: "CVE-2019-5226", lastModified: "2024-11-21T04:44:33.630", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-29T19:15:12.057", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-346", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-17 23:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CFEFFE4-9C9D-42BD-A183-338606D53ACC", versionEndExcluding: "10.1.0.123\\(c432e19r2p5patch02\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC534873-48EE-4C7F-A27E-DB70BA3FD5D0", versionEndExcluding: "10.1.0.126\\(c10e11r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.", }, { lang: "es", value: "Los teléfonos inteligentes HUAWEI P30 Pro con versiones anteriores a 10.1.0.123(C432E19R2P5patch02), versiones anteriores a 10.1.0.126(C10E11R5P1) y versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de error de comprobación lógica. Se produce un error lógico cuando el software comprueba el tamaño de determinado parámetro, el atacante debe engañar al usuario para que instale una aplicación maliciosa, una explotación con éxito puede causar una ejecución de código", }, ], id: "CVE-2020-9254", lastModified: "2024-11-21T05:40:16.763", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-17T23:15:11.617", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-14 17:15
Modified
2024-11-21 04:51
Severity ?
Summary
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", matchCriteriaId: "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:blackberry:blackberry:-:*:*:*:*:*:*:*", matchCriteriaId: "E8239084-1BAF-48F8-A57C-BEB0036DA346", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:iphone_os:12.4:*:*:*:*:*:*:*", matchCriteriaId: "47E54551-6C9D-4E0C-AE9F-7585B0513B3F", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.12.6:*:*:*:*:*:*:*", matchCriteriaId: "E84CE847-550E-445B-8972-2FB5BCF6B04F", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.13.6:*:*:*:*:*:*:*", matchCriteriaId: "04D7DAFB-DEE4-4A71-A27C-0E34426AACE0", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*", matchCriteriaId: "7BCF5B87-0AAD-4030-B439-B58990ED31DA", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:tvos:12.4:*:*:*:*:*:*:*", matchCriteriaId: "655F7FDF-5E6F-4984-8EBA-95B49BB14A6E", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:watchos:5.3:*:*:*:*:*:*:*", matchCriteriaId: "73DE60EC-0D7E-4D02-B7F1-AA0799088FE0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*", matchCriteriaId: "AFB0FFE3-4BE1-4024-BCC6-1B87074DE2E3", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_host_eus:4.2:*:*:*:*:*:*:*", matchCriteriaId: "A9708C6C-5DD1-43D8-8BD4-71BAFC3C997B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_aus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "8D067B04-CDF9-4395-83FA-17145267BA18", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", matchCriteriaId: "92BC9265-6959-4D37-BE5E-8C45E98992F8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "831F0F47-3565-4763-B16F-C87B1FF2035E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "0E3F09B5-569F-4C58-9FCA-3C0953D107B5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*", matchCriteriaId: "C2B15608-BABC-4663-A58F-B74BD2D1A734", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*", matchCriteriaId: "CBF9BCF3-187F-410A-96CA-9C47D3ED6924", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "5749E2F6-8B59-439C-9E60-49466C2DD157", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "F8F8F038-6115-445E-AFCB-974BAAEBD876", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*", matchCriteriaId: "36E85B24-30F2-42AB-9F68-8668C0FCC5E3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*", matchCriteriaId: "E5CB3640-F55B-4127-875A-2F52D873D179", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "4E082C33-2F83-4AF1-A91D-94EF05DE98A6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "803D7386-1E7C-451E-A52F-91B6039BB97F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "6897676D-53F9-45B3-B27F-7FF9A4C58D33", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "E28F226A-CBC7-4A32-BE58-398FA5B42481", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D5F7E11E-FB34-4467-8919-2B6BEAABF665", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "B09ACF2D-D83F-4A86-8185-9569605D8EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "AC10D919-57FD-4725-B8D2-39ECB476902F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "1995855A-1883-412D-B629-5436E881FF08", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6645904-D2CA-4E35-BA98-DD5F3CAB3E96", versionEndExcluding: "9.1.0.333\\(c00e333r2p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*", matchCriteriaId: "0FA2B2F1-3D58-4DC7-AB7A-28BF8B282333", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ares-al00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5A577297-C186-4CC4-A67D-DE7AB46FC08F", versionEndExcluding: "9.1.0.160\\(c00e160r2p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ares-al00b:-:*:*:*:*:*:*:*", matchCriteriaId: "43F6F4AE-1938-4E92-8DBD-A80B703EDCA9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ares-al10d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27438A38-0793-4719-BEB2-2CC44553E058", versionEndExcluding: "9.1.0.160\\(c00e160r2p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ares-al10d:-:*:*:*:*:*:*:*", matchCriteriaId: "C56298B1-7923-44E1-B9D5-78C030792209", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ares-tl00c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F34FF7B9-D8B6-4C2E-A9E6-CBF407F60DDF", versionEndExcluding: "9.1.0.165\\(c01e165r2p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ares-tl00c:-:*:*:*:*:*:*:*", matchCriteriaId: "CB4D3E8A-E271-4857-BC1F-DBC69C564530", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:asoka-al00ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "71BA8A3E-0112-4904-85A2-E483627874CA", versionEndExcluding: "9.1.1.181\\(c00e48r6p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:asoka-al00ax:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2C06DA-9060-468D-A89F-F5C5EE3297E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:atomu-l33_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B380CA3-F13A-427D-874B-B8D632DDF5AB", versionEndExcluding: "8.0.0.147\\(c605custc605d1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:atomu-l33:-:*:*:*:*:*:*:*", matchCriteriaId: "C3F378F7-5CE8-4499-8537-6FD99026DB6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:atomu-l41_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2B15BAD-ACCC-44D7-A942-3E5DAFE1ED1C", versionEndExcluding: "8.0.0.153\\(c461custc461d1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:atomu-l41:-:*:*:*:*:*:*:*", matchCriteriaId: "3E1129F1-BE98-456D-AB43-DFC5859635DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:atomu-l42_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "697C30E8-BB17-44F3-8DA4-AEF9D15222ED", versionEndExcluding: "8.0.0.155\\(c636custc636d1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:atomu-l42:-:*:*:*:*:*:*:*", matchCriteriaId: "73932E23-6868-4A1C-B1CC-8F4E36A7114A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-al00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7282513-0D84-4A2D-A4DC-491C8F4C7184", versionEndExcluding: "9.1.0.329\\(c786e320r2p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-al00b:-:*:*:*:*:*:*:*", matchCriteriaId: "B11D6D9B-335B-404C-88F3-590DF9E5D878", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8979842F-0AD8-47BA-87A1-02F13EB145EA", versionEndExcluding: "9.1.0.300\\(c605e2r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-tl00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "00BED6E8-D790-4A57-AA1E-4A2D04832594", versionEndExcluding: "9.1.0.329\\(c01e320r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:*", matchCriteriaId: "BAAF02E9-8732-4E8E-8AA6-A422C200F9B6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:barca-al00_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E4035199-8628-468D-BE58-17892D063357", versionEndExcluding: "8.0.0.366\\(c00\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:barca-al00:-:*:*:*:*:*:*:*", matchCriteriaId: "3FA823EC-2A56-4C48-8FB5-317B6ED81E40", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EB7A23D-805E-4DA1-AA7D-89A045BB47FD", versionEndExcluding: "9.1.0.333\\(c00e333r2p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*", matchCriteriaId: "C219B9CA-00AE-4B6B-A1BE-63AF154F1E50", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82D57889-9678-4A25-B352-65A99104B72E", versionEndExcluding: "9.1.0.332\\(c432e5r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "DB51593F-70AE-47F6-AFE5-02693181E599", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-tl10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F36EF5C3-FF4A-4849-97C3-FD4BC05FBCD5", versionEndExcluding: "9.1.0.333\\(c01e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-tl10:-:*:*:*:*:*:*:*", matchCriteriaId: "6CE70011-5F76-460B-ABB5-7C738B0AB2CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cairogo-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0E1EFD33-BC40-4DB6-B2CB-FFA616B6A65B", versionEndExcluding: "cairogo-l22c461b153", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cairogo-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "700FA8F3-B729-44E2-B56F-D80292BF460F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29A8F9DA-FF8D-40C5-9CD4-66AF719DC1AC", versionEndExcluding: "9.1.0.311\\(c605e2r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B37F0AE0-C461-4B70-B790-9606E2D27E0F", versionEndExcluding: "9.1.0.333\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*", matchCriteriaId: "2F63CA2F-45B8-4DD3-81AE-8359929AE50B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-al10i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3905BE38-3C2C-4B0D-B804-15A87B9DA244", versionEndExcluding: "9.1.0.335\\(c675e8r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-al10i:-:*:*:*:*:*:*:*", matchCriteriaId: "DFF16336-9CFE-4D67-852B-4C356E3C5951", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F7B01B2-E3BA-49CF-B651-85404988A481", versionEndExcluding: "9.1.0.350\\(c10e5r1p14t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-tl00d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25176953-B380-49C7-BE67-A4053DCEBADB", versionEndExcluding: "8.1.0.186\\(c01gt\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-tl00d:-:*:*:*:*:*:*:*", matchCriteriaId: "6BE1BB06-0403-4F46-AF76-DAD85D538907", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E07C41EF-6F24-4477-A32F-BEE404E4388E", versionEndExcluding: "9.1.0.333\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*", matchCriteriaId: "AB5193B7-6F3F-4249-BB74-62480893CAB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-al00i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "344A5958-037B-4AB5-8B8E-A4FC948C95A7", versionEndExcluding: "9.1.0.363\\(c675e3r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-al00i:-:*:*:*:*:*:*:*", matchCriteriaId: "F7BB30EE-ECCE-4697-A990-F910F3B5C2B0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-al00ind_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9DAC1975-0955-42EF-8242-52BEE2BDE008", versionEndExcluding: "8.2.0.141\\(c675custc675d1gt\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-al00ind:-:*:*:*:*:*:*:*", matchCriteriaId: "34AECCA8-6B67-4DF5-A6C9-A6F333664950", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-al10ind_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "68C87563-3724-4B7F-8F33-C0B09694B164", versionEndExcluding: "9.1.0.363\\(c675e2r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-al10ind:-:*:*:*:*:*:*:*", matchCriteriaId: "28D9A40E-51BC-458D-ADE6-EA680F23F2B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5589A1A9-0214-4391-BBD2-932FF53B2002", versionEndExcluding: "9.1.0.336\\(c636e2r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-tl10b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D952E67-D771-48DF-A4A9-69D6FFABE2CE", versionEndExcluding: "9.1.0.333\\(c01e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-tl10b:-:*:*:*:*:*:*:*", matchCriteriaId: "73F60E9A-0ACB-4E44-ADFB-771C695FCF08", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:dubai-al00a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6995D12-C03B-4380-BCE8-5DE2DC97E198", versionEndExcluding: "8.2.0.190\\(c00r2p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:dubai-al00a:-:*:*:*:*:*:*:*", matchCriteriaId: "B2A1EE4A-1539-4FD7-B5D8-D3725CB3A843", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:dura-al00a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2EE2E6C4-BADF-4215-B31E-CCF399270B83", versionEndExcluding: "1.0.0.182\\(c00\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:dura-al00a:-:*:*:*:*:*:*:*", matchCriteriaId: "DC591FA6-55E1-4628-AE43-CD1E2A4980E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:dura-tl00a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86C43B18-C1BF-4DB9-92D2-D9E333F73CE3", versionEndExcluding: "1.0.0.176\\(c01\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:dura-tl00a:-:*:*:*:*:*:*:*", matchCriteriaId: "6E269DC2-682C-49B7-8492-F8622572C785", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.156\\(c605\\):*:*:*:*:*:*:*", matchCriteriaId: "AF895541-98C9-4520-9CAF-36CA963F9BA0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3631A567-0F95-4477-B2DC-D1B09736140D", versionEndExcluding: "9.1.0.338\\(c185e3r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*", matchCriteriaId: "AEB4EC14-14DE-4AAF-A951-071B4E39270A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:figo-l23_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6D28EB2-8919-4AD2-8455-194B8AB14FFB", versionEndExcluding: "9.1.0.160\\(c605e6r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:figo-l23:-:*:*:*:*:*:*:*", matchCriteriaId: "42D1377E-92E6-472A-9734-D5DA1C8319A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:figo-l31_firmware:8.0.0.122d\\(c652\\):*:*:*:*:*:*:*", matchCriteriaId: "05C2AFA5-D4B0-414D-8894-7DBF020C3A40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*", matchCriteriaId: "6F291A39-6603-4619-BB18-B1A4C48F945A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:figo-tl10b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AAFFCE6B-14C3-459B-B7CB-B8380AAAD19F", versionEndExcluding: "9.1.0.130\\(c01e115r2p8t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:figo-tl10b:-:*:*:*:*:*:*:*", matchCriteriaId: "88BDA8C0-CD09-418F-A334-E54B8E458D05", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:florida-al20b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AED8A17-5120-4F1F-819B-C2592FC73411", versionEndExcluding: "9.1.0.128\\(c00e112r1p6t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:florida-al20b:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF7DFEE-5C99-4C65-B3D8-AEE21E81A6BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCE9BC91-0596-483E-8D2C-431A72A56797", versionEndExcluding: "9.1.0.150\\(c185e6r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "88CD5EEC-DA40-4B35-A2CD-6F48147F0810", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:florida-l22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49F91DCF-B3DF-4087-A608-0E6A06DE6FA4", versionEndExcluding: "9.1.0.150\\(c636e6r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:florida-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "D1387541-860F-43AE-809B-AFA9338DC378", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:florida-l23_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6498D22-6C7C-4E66-BAD7-20CFC297FBF5", versionEndExcluding: "9.1.0.154\\(c605e7r1p2t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:florida-l23:-:*:*:*:*:*:*:*", matchCriteriaId: "38E2DAC5-FD49-4DC2-854E-71DACE1BC643", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:florida-tl10b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1E7E0ED-EB2E-4A55-B81D-8ECE3FD3AE58", versionEndExcluding: "9.1.0.128\\(c01e112r1p6t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:florida-tl10b:-:*:*:*:*:*:*:*", matchCriteriaId: "4776C729-200A-4D86-B635-185B65FC2570", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FEFA597A-ECA8-49E5-A1D9-44E1D1E51DD1", versionEndExcluding: "9.1.0.143\\(c675e8r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*", matchCriteriaId: "55571AAC-B8B2-48D0-8486-BB2992A39568", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A12E685-F91D-4C04-82C5-61A9BA317A42", versionEndExcluding: "9.1.0.154\\(c185e2r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0F3FB528-5C26-446F-9985-E325AB87203B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "483669DB-D71C-48BD-BA29-B971C4D423A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_x_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "18031A60-6047-43E5-A75D-4BF44532EFBA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5FD3779B-F943-4B7E-BF82-AA4A051D02C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p_smart_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4AE3143-67EB-49B3-8B1D-DB34CCE3829C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "64C4DE1A-ACBD-4DCA-8BAD-23AE6DF4025B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p_smart_2019_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "85E3D35A-F979-48D0-92F8-1DBFF7BD2562", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p_smart_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "9B141C85-AFD2-4D7C-8B72-A065B3C905F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p20_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "67931720-1EED-43CB-BB7B-BC0CCA773AC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*", matchCriteriaId: "7492911B-4242-4947-9DED-9F48FC0875CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p20_pro_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "90F53673-A878-4935-A992-E6F61D41FD24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6B315FBC-8BF9-4256-80F9-63EFF0806BEB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BE96D0C4-D43B-4AB3-A712-45F4F7F17BB8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A26F9E66-8070-4884-87D1-BD87E189B10C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y5_2018_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5BECFA24-FBD8-4320-B5C9-CDD3D5338582", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y5_2018:-:*:*:*:*:*:*:*", matchCriteriaId: "EFBD5328-0BFF-49F7-B2EC-E73BC6D41FF5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y5_lite_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3C6AA13E-9801-401E-8E86-EE48C9BA5CAB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y5_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "BA384300-C2B6-43B8-98F1-94488DA6CB06", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y6_2019_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FB50358-E75A-4B53-8780-D46F9D8B0F54", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y6_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "7E7053C3-4EB2-438E-9544-41ACF7A91057", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y6_prime_2018_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DB1EA662-A8E3-45E5-A4C6-8C5E12AEA2E5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y6_prime_2018:-:*:*:*:*:*:*:*", matchCriteriaId: "A4033E6E-FFFA-40D5-9AB9-D1497AB5C314", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y6_pro_2019_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7ED2D400-55BD-437F-A98C-1E3299590B22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y6_pro_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1F9660-41E0-4536-8032-57AD3E844A94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y7_2019_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B60AB519-4416-44F6-BF9D-20E24BA0B502", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y7_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "FC5510EA-9A5A-4F72-AE40-AACFE58D02C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y9_2019_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7A87C804-7DAA-47E2-A587-1D7541462BBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "F48ABE15-BC87-4B02-8B39-94DA1DC96B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:nova_3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9BBC9263-82BB-4B33-B682-A7B1A65D1577", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:*", matchCriteriaId: "BF68FFB0-01F8-4937-8BF4-36866F02E9A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:nova_4_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DE87ADA6-7085-4ADA-B8F7-D863A1765580", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:nova_4:-:*:*:*:*:*:*:*", matchCriteriaId: "07D1E240-F1DE-4FC0-84B7-873978A9A6B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:nova_5_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "94DF684B-8BDD-4035-A8C7-2B565544CB81", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:nova_5:-:*:*:*:*:*:*:*", matchCriteriaId: "0CF67964-B009-4209-B281-49055829BB4C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:nova_5i_pro_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "57BED229-03B1-43C2-9239-DAA5C9BD4F40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:nova_5i_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "C6C9D864-8A1E-475B-94B3-522D23D91288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:nova_lite_3_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "28304195-13E1-4757-B07C-34FBA1DDA061", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9EEA4B63-97F3-4BAB-B96E-4C36D9B0FDE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:harry-al00c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A46BA4B6-A387-4D51-9278-CABE5E2C224B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:harry-al00c:-:*:*:*:*:*:*:*", matchCriteriaId: "9DF9FAC4-0A8C-463C-8E5C-64E33D145E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:harry-al10b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C41532B6-FE2A-4174-B1AA-074F08B64DEC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:harry-al10b:-:*:*:*:*:*:*:*", matchCriteriaId: "1A2BE361-1412-455E-A553-0CA9D14E4C1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:harry-tl00c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0C5067B8-4862-48CB-B6A2-E3191314EED2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:harry-tl00c:-:*:*:*:*:*:*:*", matchCriteriaId: "E31013C1-26DA-4A6D-BBD4-BF0630EEEB66", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:hima-l29c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "95F68969-FB0A-4B51-9F67-DE5021EFABAF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "366DC5C5-9276-4921-9ABD-92941B0CEE6D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_10_lite_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "42AFF1E9-D82D-4301-87FD-A8B6B7C9B75F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "033EDED3-AF7B-40D7-A467-E3AAAFB88AE4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_8a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1A298082-CC80-4316-9AEB-9E8F8B52EE88", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_8a:-:*:*:*:*:*:*:*", matchCriteriaId: "B2E19C33-F393-4E0C-9AA7-461AF50EDF7F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_8x_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AB09814B-81B3-4236-B3AE-EAE800678D2D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*", matchCriteriaId: "E7635502-0FD1-464E-8C64-1E8FF6235495", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_view_10_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B72EBDE-1020-4177-BFC0-2E968FB17C29", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_view_10:-:*:*:*:*:*:*:*", matchCriteriaId: "E788B81C-69DB-4A13-AC70-1E17120CB82E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_view_20_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DAEA5A51-8067-4160-B115-085A529CD987", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*", matchCriteriaId: "6A55CF4F-8E86-419C-845B-CE60070620A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:jakarta-al00a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6067DA42-ECDC-4D11-813F-9C67CC8055AE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:jakarta-al00a:-:*:*:*:*:*:*:*", matchCriteriaId: "44E124FE-9F3E-4A89-9DFB-2ACEF751BA82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:johnson-tl00d_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3B8A8714-83BD-49B7-86E8-3224DD02344E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:johnson-tl00d:-:*:*:*:*:*:*:*", matchCriteriaId: "566629E0-84F2-4DFA-A20E-2D20C472E4B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:johnson-tl00f_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "79F89951-0A96-4424-B1E3-30488876BDF7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:johnson-tl00f:-:*:*:*:*:*:*:*", matchCriteriaId: "0075F84C-492C-408D-941B-274A0A0C3B82", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:katyusha-al00a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FE0B00D-B846-4771-9D3B-4ACE59DD0C5D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:katyusha-al00a:-:*:*:*:*:*:*:*", matchCriteriaId: "38E3A00A-6EB8-4E04-B1BC-E7663C9C1EA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:laya-al00ep_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2B4A88E4-D37E-49CC-B4A4-86CBD030131E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*", matchCriteriaId: "5B3A54AE-DC30-429B-8FB8-BE6EB933E685", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:leland-l21a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FF6A6123-2AC6-407F-8D1C-8A148889946E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:leland-l21a:-:*:*:*:*:*:*:*", matchCriteriaId: "A663ACC5-FC2D-4FD7-BA9E-55344E257D4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:leland-l31a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "697FC0BE-4EE7-41B1-B19D-6BB1377C81A4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:leland-l31a:-:*:*:*:*:*:*:*", matchCriteriaId: "059598D5-E1FC-4727-A29C-5904FDFA4EA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:leland-l32a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1CE3288B-7A63-474E-9CF6-A78C74AA2049", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:leland-l32a:-:*:*:*:*:*:*:*", matchCriteriaId: "B7704B5F-4164-477C-A528-2998092C81D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:leland-l32c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8BBA5685-AB27-4BB2-BF66-8DDEA4B25158", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:leland-l32c:-:*:*:*:*:*:*:*", matchCriteriaId: "95F935A0-E7B2-4281-8D36-EB19358061D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:leland-l42a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B6983D6A-DE3C-43F5-B827-665F979E127D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:leland-l42a:-:*:*:*:*:*:*:*", matchCriteriaId: "C03D17FC-0921-41D2-B193-26163AEFE8F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:leland-l42c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C067242F-C4BC-4EB2-86A5-FA508241C29D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:leland-l42c:-:*:*:*:*:*:*:*", matchCriteriaId: "D10E950B-FDF6-4E22-9D88-60D0225466E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:leland-tl10b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "24E8438F-9D3B-4565-AC01-AC4729B4C2A1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:leland-tl10b:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB8A667-95DE-4087-8418-49F5ACE194BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:leland-tl10c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9A9BC1A3-62D9-4C51-A850-C44DC5A7DA61", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:leland-tl10c:-:*:*:*:*:*:*:*", matchCriteriaId: "11CB58EA-972E-460F-95F4-5413E05DA04C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:lelandp-al00c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1F5C8248-26DB-4423-A6C9-56788C9ED5CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:lelandp-al00c:-:*:*:*:*:*:*:*", matchCriteriaId: "4BD659D6-F838-4668-901A-0C17AB18E7C6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:lelandp-al10b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5D184ED2-0C47-41A5-9DDB-E0872249D080", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:lelandp-al10b:-:*:*:*:*:*:*:*", matchCriteriaId: "68BCAF57-9BF8-4EB0-B6FB-1B40737FFC9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:lelandp-al10d_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4BD41E18-2981-43FF-8FF5-41EE3775DC6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:lelandp-al10d:-:*:*:*:*:*:*:*", matchCriteriaId: "F33CAF53-20C8-4AB2-B728-80B6F7B5FA2A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:lelandp-l22a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B5ADF3A6-9F52-4BFF-8FFB-E60E971AF98D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:lelandp-l22a:-:*:*:*:*:*:*:*", matchCriteriaId: "842AB2B6-2C7A-4681-ACB7-E642E5D9D76D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:lelandp-l22c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B2D29D20-4F3B-4B6B-90AC-315652E47DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:lelandp-l22c:-:*:*:*:*:*:*:*", matchCriteriaId: "80D7FA39-2EE4-49F8-9EF4-009304DB6108", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:lelandp-l22d_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A24E0E52-6C3B-4B4B-8F32-9467B9E56CB8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:lelandp-l22d:-:*:*:*:*:*:*:*", matchCriteriaId: "6A956F54-5B4B-4103-BA45-88F8FF7D9FD7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:london-al40ind_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6EAB36F5-50CC-4A8C-94D3-F0E001BDEC7A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:london-al40ind:-:*:*:*:*:*:*:*", matchCriteriaId: "F9452809-D19E-4B63-9B84-BBD8AB4485E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:madrid-al00a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FFA8110C-64B9-4346-9E46-44E87778EA2B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:madrid-al00a:-:*:*:*:*:*:*:*", matchCriteriaId: "DE8B2A97-DA47-40C8-8DB5-1AE1A89559A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:madrid-tl00a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4137623C-6736-44C9-8446-22CE5DE10797", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:madrid-tl00a:-:*:*:*:*:*:*:*", matchCriteriaId: "00EE1329-D545-43F2-8D14-CBA53F3F8EFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:neo-al00d_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "65161544-ACCE-4281-9B15-DD1A732A6218", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:neo-al00d:-:*:*:*:*:*:*:*", matchCriteriaId: "B4B07FEC-514D-4A51-B26B-02254A867DC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:paris-al00ic_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "368F7A8F-B0F4-4E5C-ADB2-5EB8D3F831C8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:paris-al00ic:-:*:*:*:*:*:*:*", matchCriteriaId: "042B7861-608F-4F0C-BF5E-FF2455C9BE79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:paris-l21b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "632F1A63-66BE-43AF-A0FA-968D4728E2C1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*", matchCriteriaId: "5B3765F0-677E-48FA-8A70-8F5A69660DC0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:paris-l21meb_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BF0531C9-2B62-40E1-8F95-430BCD42BB34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*", matchCriteriaId: "010590E4-2979-4AE3-9B94-7C1BC5CE0533", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:paris-l29b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC2BEB-0A61-4C3A-8CA4-674E5FEDC859", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*", matchCriteriaId: "143485B2-5216-4190-8306-63D12362F6AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:potter-al00c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9AF87777-1D49-4EC9-9F5F-22090F78AF11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:potter-al00c:-:*:*:*:*:*:*:*", matchCriteriaId: "34141B01-DA8B-4029-B275-395AC11C40C4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:potter-al10a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5E4E204F-462B-4743-B87B-1CB4D4DE8D29", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:potter-al10a:-:*:*:*:*:*:*:*", matchCriteriaId: "0CF01A3C-2E60-45B8-8D4E-58B5710FC40C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:princeton-al10b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DA8E4F26-E50C-4D06-A183-1BC9F1B9072F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*", matchCriteriaId: "D9F930E0-D32C-4D37-8A1D-78D4BFAECF37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:princeton-al10d_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4571D5E3-E327-4C04-939E-66B5A9D0CC18", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*", matchCriteriaId: "11E6B825-CA55-4BEC-8279-3F33F7CC93EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:princeton-tl10c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E996FA3-91E7-42EF-A73F-6948A855F886", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:princeton-tl10c:-:*:*:*:*:*:*:*", matchCriteriaId: "35F6A54F-E004-4BE7-A6A6-3E7C300DC498", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-al00_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C4118EE5-084A-4DA3-B8D4-6EAC2729A2C2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*", matchCriteriaId: "66A35E71-4D6A-494D-882B-987CE16E3467", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l21_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6049D750-284C-4A03-95B6-1A7A0CC21BD1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "C949EB56-D8A6-4D5C-98B4-3FF056536BF1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l21br_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EF481690-3033-466D-966D-C9F65E6212A8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*", matchCriteriaId: "BD953016-2468-40BD-8383-9105BA297C26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l22_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4F5D16B5-6AC5-455D-AFD7-7E01E37DC5EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "40DAF023-9D20-4262-B5BE-F3C61906C9BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-l22br_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7E0FE590-B043-4E4D-BC72-C0163ACDC194", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*", matchCriteriaId: "EE0C17CF-D4AA-460E-815F-32FB5C8702A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydney-tl00_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5072B124-1290-417C-ADEB-F39C294F23A3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydney-tl00:-:*:*:*:*:*:*:*", matchCriteriaId: "0F4A324E-CF87-4C79-B42A-F5B3B7CEFE6E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-al00_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "58742692-675E-4546-AB6F-8E57ECBA7C09", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*", matchCriteriaId: "FF9295B5-8194-4AE9-91B3-5AD3C79FB9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l01_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F8DDCF56-3362-4DCD-9C7C-7D87D0F5A75D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l03_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6F3A6D05-7BC6-4FCF-BAAF-53B13008F783", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*", matchCriteriaId: "AAAB87A0-CF6A-4219-973C-EFEE5A4C6657", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l21_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "283A05FB-8A2D-4675-870A-A804B7161941", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "FCE69226-79D4-4CB9-8E81-BC82A8A98095", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l22_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5349FCB9-93CB-4945-96EA-89CBE613082D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*", matchCriteriaId: "D7D9B914-5EDF-46A5-992B-EBD49191EC4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:sydneym-l23_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DE5E0EB1-5CBC-420F-8F3D-43C309C75A0E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*", matchCriteriaId: "EE752CEC-D5BA-4C59-A2F1-9D13B3B8A6D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:tony-al00b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "58B13F37-2D12-490A-9757-2B1EDE00FB97", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*", matchCriteriaId: "0E14B978-2A3C-4F55-8E3A-BA41AB137C33", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:tony-tl00b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F488BE9A-5B94-4D3B-9512-9BB8DA5E0391", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:*", matchCriteriaId: "BF11E947-FCDE-4EFD-A14D-5C2BD7BC5A56", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-al00a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B5DA51C4-E32B-4EE5-9702-339789D62213", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*", matchCriteriaId: "562D05D2-CC9E-4973-9E8D-B40C0ED6C721", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-al50a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7927B88C-7CDC-45E7-A80F-B192C0AE13ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-al50a:-:*:*:*:*:*:*:*", matchCriteriaId: "77360A45-7501-4243-812A-D8C3403D1F03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-l21a_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FE7B42EC-D142-4B36-BDFE-8091BB06B017", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*", matchCriteriaId: "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-l61c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4168BC18-420C-42A8-B662-78D2500A4D89", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-l61c:-:*:*:*:*:*:*:*", matchCriteriaId: "C273A8B6-E86E-4E1B-8EEC-A84837B297F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-tl00b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "88A0C1C5-2870-4187-B899-1334572B7F87", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-tl00b:-:*:*:*:*:*:*:*", matchCriteriaId: "A4177D27-D234-4BBF-A4D9-1C0DCE5B322C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yalep-al10b_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C7D2E47E-4A03-49DD-894D-35173EC98A56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D81385-913B-4A38-A712-41CAE7B78DF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:imanager_neteco_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5F2287FD-97E0-4A11-B650-0C292A916650", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:imanager_neteco:-:*:*:*:*:*:*:*", matchCriteriaId: "D96479E8-2B4F-4149-B61B-79ECD0524A01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FC3D22C1-B967-4AAD-AEE8-7357F1AF4C3D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:imanager_neteco_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "7B8CFC69-D6E8-4163-AE0F-B85693F2555D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F7087288-2C19-4DDA-A0CD-419683391002", versionEndExcluding: "9.1.0.306\\(c185e2r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "126D381D-C88E-4404-9142-10002B2EB99E", versionEndExcluding: "9.1.0.306\\(c432e4r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25595943-0ED9-4CF7-99AF-373C96E9FD12", versionEndExcluding: "9.1.0.306\\(c636e2r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E5F5DEE-631C-45B2-BEC7-CDE64F0F2077", versionEndExcluding: "9.1.0.307\\(c635e4r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BB64041-1B61-490E-BA4D-08F9B178CD7D", versionEndExcluding: "9.1.0.350\\(c10e3r1p14t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "DB51593F-70AE-47F6-AFE5-02693181E599", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DA96859C-81F6-4227-B228-BF6C82451A1B", versionEndExcluding: "9.1.0.350\\(c636e4r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*", matchCriteriaId: "DB51593F-70AE-47F6-AFE5-02693181E599", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "60FA31C3-4B67-40F9-9E39-92F7E25F50A0", versionEndExcluding: "9.1.0.325\\(c185e4r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54983533-DFE0-4572-B95B-2F59247D5D28", versionEndExcluding: "9.1.0.325\\(c636e2r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4AD911F9-31B9-4DE3-BC78-F40E4C6F1904", versionEndExcluding: "9.1.0.328\\(c432e5r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "510223BA-A1EC-4408-AA5B-8BD93A6C39BF", versionEndExcluding: "9.1.0.328\\(c782e10r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DD2B4309-0AA2-49A5-A103-0FD0CC893E04", versionEndExcluding: "9.1.0.350\\(c185e3r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C77C9A1A-0B19-4976-8070-E3D79124C466", versionEndExcluding: "9.1.0.350\\(c461e3r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F1177D77-6C80-4FAA-8AC0-AA9A0B0FA9D7", versionEndExcluding: "9.1.0.350\\(c636e3r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "74E0E881-4011-4D0E-BDE2-7FC6B0E2E28A", versionEndExcluding: "9.1.0.351\\(c432e5r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*", matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC9DF73A-C61A-4043-A4D4-61A544B41E0A", versionEndExcluding: "9.1.0.341\\(c185e1r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D10206F8-D91D-4AB0-93F3-F39740DA707F", versionEndExcluding: "9.1.0.342\\(c461e1r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8360DEA6-D200-4C43-B82C-A7BF86E31B9F", versionEndExcluding: "9.1.0.347\\(c432e1r1p9t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*", matchCriteriaId: "D1554916-5994-4CAE-8101-CF01B199370C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9356FA3A-1DCE-4382-BDE5-B6FBBD294352", versionEndExcluding: "9.1.0.311\\(c461e2r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49A47A99-E952-4EA6-82EF-0C0099F086CF", versionEndExcluding: "9.1.0.325\\(c185e2r1p12t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF430412-8A6C-4E8C-8904-D8FA39A9E36A", versionEndExcluding: "9.1.0.325\\(c636e7r1p13t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7057F392-1D2F-4B69-9500-4D4BA20EC3FA", versionEndExcluding: "9.1.0.326\\(c635e2r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "392B15A3-61D7-4FE1-A514-5D0B2F7E9A11", versionEndExcluding: "9.1.0.328\\(c432e7r1p11t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*", matchCriteriaId: "5D370342-02DA-4859-B98B-0A3F78EACAEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "65F6CFE8-5071-4419-9E30-1748692EE236", versionEndExcluding: "9.1.0.122\\(c09e7r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*", matchCriteriaId: "6F291A39-6603-4619-BB18-B1A4C48F945A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BB72B761-E0C1-4728-AB85-2A833420DEB8", versionEndExcluding: "9.1.0.137\\(c33e8r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*", matchCriteriaId: "6F291A39-6603-4619-BB18-B1A4C48F945A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1364E52C-AD75-4778-AC90-E9ADC243B507", versionEndExcluding: "9.1.0.137\\(c530e8r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*", matchCriteriaId: "6F291A39-6603-4619-BB18-B1A4C48F945A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A33ED9A6-9818-4EE9-A22F-750B852789C1", versionEndExcluding: "9.1.0.158\\(c432e8r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*", matchCriteriaId: "6F291A39-6603-4619-BB18-B1A4C48F945A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E19C3F4-998D-43C1-B371-CFECBAB5AF31", versionEndExcluding: "9.1.0.165\\(c10e8r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*", matchCriteriaId: "6F291A39-6603-4619-BB18-B1A4C48F945A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "10C0DC76-8986-449D-B098-2EB7CA4228BB", versionEndExcluding: "9.1.0.150\\(c432e6r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*", matchCriteriaId: "88CD5EEC-DA40-4B35-A2CD-6F48147F0810", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A950FF3A-8934-4788-AAF1-28C139EFEA63", versionEndExcluding: "9.1.0.149\\(c675e8r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*", matchCriteriaId: "55571AAC-B8B2-48D0-8486-BB2992A39568", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A12E685-F91D-4C04-82C5-61A9BA317A42", versionEndExcluding: "9.1.0.154\\(c185e2r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CDADE368-D2EB-4DA9-A32E-9DE30BEE927D", versionEndExcluding: "9.1.0.154\\(c432e2r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E341C6A4-BA77-4002-BC06-475ABFFEBFFB", versionEndExcluding: "9.1.0.154\\(c636e2r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81C06F1A-9DAF-41EC-93D1-F61CD36D3471", versionEndExcluding: "9.1.0.155\\(c10e2r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50E688C7-4152-446F-AFBD-710622835A48", versionEndExcluding: "9.1.0.170\\(c185e2r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC4403D2-BAA4-4392-A453-5F1B28E8FA4F", versionEndExcluding: "9.1.0.170\\(c636e2r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2CF3193-1EB6-4792-BD23-3C1C243A3E3B", versionEndExcluding: "9.1.0.171\\(c10e2r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B7FCD8C1-C635-4806-839E-14DC0CB3B4E2", versionEndExcluding: "9.1.0.172\\(c432e2r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "9E2BCA7E-E555-45D1-807A-F53682B0C383", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.", }, { lang: "es", value: "La especificación de Bluetooth BR/EDR incluyendo versión 5.1, permite una longitud de clave de cifrado suficientemente baja y no impide que un atacante influya en la negociación de longitud de clave. Esto permite ataques prácticos de fuerza bruta (también se conoce como \"KNOB\") que pueden descifrar el tráfico e inyectar texto cifrado arbitrario sin que la víctima se dé cuenta.", }, ], id: "CVE-2019-9506", lastModified: "2024-11-21T04:51:45.113", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 4.7, source: "cret@cert.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-14T17:15:11.597", references: [ { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Aug/11", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Aug/13", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Aug/14", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Aug/15", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2975", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3055", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3076", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3089", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3165", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3187", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3217", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3218", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3220", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3231", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4115-1/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4118-1/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4147-1/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/918987/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Aug/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Aug/13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Aug/14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Aug/15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2975", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3076", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3089", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3165", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3187", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3218", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3231", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4115-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4118-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4147-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/918987/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "cret@cert.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-327", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-13 15:15
Modified
2024-11-21 04:44
Severity ?
Summary
There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | honor_v10_firmware | * | |
huawei | honor_v10 | - | |
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | enjoy_7s_firmware | * | |
huawei | enjoy_7s | - | |
huawei | mate_20_firmware | * | |
huawei | mate_20 | - | |
huawei | honor_9_lite_firmware | * | |
huawei | honor_9_lite | - | |
huawei | honor_9i_firmware | * | |
huawei | honor_9i | - | |
huawei | m6_firmware | * | |
huawei | m6 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | honor_20s_firmware | * | |
huawei | honor_20s | - | |
huawei | honor_9_lite_firmware | * | |
huawei | honor_9_lite | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B394D790-9589-4FC3-8B51-47B9F6E241D2", versionEndExcluding: "9.1.0.333\\(c00e333r2p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*", matchCriteriaId: "592CF37A-83FA-4C85-B5E7-1DB2297A77A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "76BF8190-0F8E-4BEF-81C6-FE409F6B812A", versionEndExcluding: "9.1.0.226\\(c00e220r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:enjoy_7s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29CD79B3-14E0-44A4-B9DE-4C4A47449626", versionEndExcluding: "9.1.0.130\\(c00e115r2p8t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:enjoy_7s:-:*:*:*:*:*:*:*", matchCriteriaId: "40688207-579D-444D-A594-54E65069B6A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B9BE6DA3-8840-4B23-8F78-632112A2B039", versionEndExcluding: "9.1.0.139\\(c00e133r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6154A71C-59D9-47C0-B7CA-AC837CB70E32", versionEndExcluding: "9.1.0.143\\(c636e5r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "E571CDA8-577E-4165-A960-DAD978FD23BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_9i_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5DA66B4F-B5D6-485B-A741-1D08C03957E0", versionEndExcluding: "9.1.0.120\\(c00e113r1p6t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_9i:-:*:*:*:*:*:*:*", matchCriteriaId: "F931151C-4D0A-44D1-9417-B467F7E148A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:m6_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9FC9664F-3422-4630-B917-326BDC4AF0BE", versionEndExcluding: "9.1.1.150\\(c00e150r1p150\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:m6:-:*:*:*:*:*:*:*", matchCriteriaId: "996B603A-E8F8-408D-A204-BB0638498F9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B40B07F3-0A6C-4102-976F-2E787311AA12", versionEndExcluding: "9.1.0.226\\(c00e210r2p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_20s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5BEBB5CD-2714-4761-A0C7-D97D24D267B6", versionEndExcluding: "9.1.1.132\\(c00e131r6p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_20s:-:*:*:*:*:*:*:*", matchCriteriaId: "C1442135-75BB-4C2C-8BBF-354CB0978489", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD9024A1-9F5A-4953-AE7C-6AB9926C0BBB", versionEndExcluding: "9.1.0.130\\(c00e112r2p10t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*", matchCriteriaId: "E571CDA8-577E-4165-A960-DAD978FD23BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.", }, { lang: "es", value: "Se presenta una vulnerabilidad de salto de ruta en varios teléfonos inteligentes Huawei. El sistema no comprueba de forma suficiente ciertos nombres de ruta de la aplicación. Un atacante podría engañar al usuario para que instale, realice una copia de seguridad y restaure una aplicación maliciosa. Una explotación con éxito podría causar una divulgación de información.", }, ], id: "CVE-2019-5251", lastModified: "2024-11-21T04:44:36.387", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-13T15:15:11.317", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.", }, { lang: "es", value: "Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de lectura y escritura fuera de límites. Un atacante no autenticado diseña un mensaje malformado con un parámetro específico y envía el mensaje hacia los productos afectados. Debido a una comprobación insuficiente del mensaje, que puede ser explotado para causar el reinicio del proceso", }, ], id: "CVE-2020-9108", lastModified: "2024-11-21T05:40:03.250", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-12T14:15:14.293", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | mate_20_firmware | * | |
huawei | mate_20 | - | |
huawei | mate_20_firmware | * | |
huawei | mate_20 | - | |
huawei | mate_20_x_firmware | * | |
huawei | mate_20_x | - | |
huawei | mate_20_x_firmware | * | |
huawei | mate_20_x | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | laya-al00ep_firmware | * | |
huawei | laya-al00ep | - | |
huawei | tony-al00b_firmware | * | |
huawei | tony-al00b | - | |
huawei | tony-tl00b_firmware | * | |
huawei | tony-tl00b | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "165A8717-DD86-4BC0-AB3C-BD7F92DF68CD", versionEndExcluding: "10.1.0.160\\(c00e160r3p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E2B578A-E6CE-413D-890B-20AC7EAEE59C", versionEndExcluding: "10.1.0.160\\(c01e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73419613-9F87-4E99-9A8D-D8B6B74F882D", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5FD3779B-F943-4B7E-BF82-AA4A051D02C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "053881ED-D75B-4F53-AA58-3007A3769D1C", versionEndExcluding: "10.1.0.160\\(c01e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5FD3779B-F943-4B7E-BF82-AA4A051D02C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:laya-al00ep_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EBD1414-620B-4367-BF57-9AED468EA81C", versionEndExcluding: "10.1.0.160\\(c786e160r3p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*", matchCriteriaId: "5B3A54AE-DC30-429B-8FB8-BE6EB933E685", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21BE2094-71C2-4C64-860E-67DE745110AD", versionEndExcluding: "10.1.0.160\\(c00e160r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*", matchCriteriaId: "0E14B978-2A3C-4F55-8E3A-BA41AB137C33", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:tony-tl00b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2ACEC45-4B76-4AFC-BAD3-DA642A05CF30", versionEndExcluding: "10.1.0.160\\(c01e160r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:*", matchCriteriaId: "BF11E947-FCDE-4EFD-A14D-5C2BD7BC5A56", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11).", }, { lang: "es", value: "Se presenta una vulnerabilidad de divulgación de información en varios teléfonos inteligentes. El dispositivo no comprueba suficientemente la identidad del dispositivo portátil inteligente en determinado escenario específico, el atacante necesita obtener determinada información en el teléfono inteligente de la víctima para iniciar el ataque, y una explotación con éxito podría causar una divulgación de información. Las versiones del producto afectadas incluyen: HUAWEI Mate 20 versiones anteriores a 10.1.0.160(C00E160R3P8), versiones anteriores a 10.1.0.160(C01E160R2P8); HUAWEI Mate 20 X versiones anteriores a 10.1.0.160(C00E160R2P8), versiones anteriores a 10.1.0.160(C01E160R2P8); Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8); Laya-AL00EP versiones anteriores a 10.1.0.160(C786E160R3P8); Tony-AL00B versiones anteriores a 10.1.0.160(C00E160R2P11); Tony-TL00B versiones anteriores a 10.1.0.160(C01E160R2P11)", }, ], id: "CVE-2020-9109", lastModified: "2024-11-21T05:40:03.407", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-12T14:15:14.340", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-27 10:15
Modified
2025-01-10 20:37
Severity ?
3.5 (Low) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | mate_20_firmware | * | |
huawei | mate_20 | - | |
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | princeton-al10d_firmware | * | |
huawei | princeton-al10d | - | |
huawei | yale-al00a_firmware | * | |
huawei | yale-al00a | - | |
huawei | yale-al50a_firmware | * | |
huawei | yale-al50a | - | |
huawei | yalep-al10b_firmware | * | |
huawei | yalep-al10b | - | |
huawei | mate_20_firmware | * | |
huawei | mate_20 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "165A8717-DD86-4BC0-AB3C-BD7F92DF68CD", versionEndExcluding: "10.1.0.160\\(c00e160r3p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29C7558A-D8B6-4773-A14D-38EDFFD96E5E", versionEndExcluding: "10.1.0.160\\(c00e160r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:princeton-al10d_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8C262C7-C463-4F74-8F6B-6BF9B4FDCBCF", versionEndExcluding: "10.1.0.160\\(c00e160r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*", matchCriteriaId: "11E6B825-CA55-4BEC-8279-3F33F7CC93EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-al00a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4BDC1976-E07B-4464-84DB-EACAE30D97E5", versionEndExcluding: "10.1.0.160\\(c00e160r8p12\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*", matchCriteriaId: "562D05D2-CC9E-4973-9E8D-B40C0ED6C721", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yale-al50a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "752648AA-54F7-40EF-AC48-BAD6F9F31579", versionEndExcluding: "10.1.0.88\\(c00e88r8p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yale-al50a:-:*:*:*:*:*:*:*", matchCriteriaId: "77360A45-7501-4243-812A-D8C3403D1F03", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:yalep-al10b_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A68AFA26-2D0F-4896-AB42-4E3327935F9D", versionEndExcluding: "10.1.0.160\\(c00e160r8p12\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*", matchCriteriaId: "A7D81385-913B-4A38-A712-41CAE7B78DF4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E2B578A-E6CE-413D-890B-20AC7EAEE59C", versionEndExcluding: "10.1.0.160\\(c01e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62637079-D8B3-4D71-8686-250C289C2957", versionEndExcluding: "10.1.0.160\\(c01e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)\n\n\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.", }, { lang: "es", value: "Existe una vulnerabilidad de autorización indebida en algunos teléfonos inteligentes Huawei. Un atacante podría realizar una serie de operaciones en un modo específico para explotar esta vulnerabilidad. Si lo hace con éxito, podría permitir al atacante eludir el bloqueo de la aplicación. (ID de vulnerabilidad: HWPSIRT-2019-12144) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposición común (CVE): CVE-2020-9081.", }, ], id: "CVE-2020-9081", lastModified: "2025-01-10T20:37:44.267", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 2.5, source: "psirt@huawei.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-12-27T10:15:10.937", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200826-15-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-285", }, ], source: "psirt@huawei.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-06-04 19:29
Modified
2024-11-21 04:44
Severity ?
Summary
Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107)
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B148AF2F-F662-4CFA-852F-38EFC80D4D67", versionEndExcluding: "ele-al00_9.1.0.162", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3FCA8B7D-7D85-4A6D-BECE-4BFA896A294D", versionEndExcluding: "vog-al00_9.1.0.162", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107)", }, { lang: "es", value: "Algunos dispositivos Huawei 4G LTE, versiones P30 anteriores a ELE-AL00 9.1.0.162 (C01E160R1P12 / C01E160R2P1) y versiones P30 Pro anteriores a VOG-AL00 9.1.0.162 (C01E160R1P12 / C01E160R2P1), están expuestos a una repetición del mensaje. Por el bien de una mejor compatibilidad, estos dispositivos implementan una verificación menos estricta del número de secuencia de mensaje (SN) de NAS, específicamente el NAS COUNT. Como resultado, un atacante puede construir una estación base maliciosa y reproducir el mensaje de comando de reasignación de GUTI en ciertas condiciones para manipular las GUTI, o reproducir el mensaje de solicitud de identidad para obtener IMSI. (ID de vulnerabilidad: HWPSIRT-2019-04107)", }, ], id: "CVE-2019-5307", lastModified: "2024-11-21T04:44:43.213", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-04T19:29:00.727", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-294", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 14:15
Modified
2024-11-21 05:11
Severity ?
Summary
HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E435BD0-2D12-4A15-BF67-4E83C1848884", versionEndExcluding: "10.1.0.135\\(c00e135r2p11\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E5A64DE-1846-44E8-AA2D-E2EF15F308AA", versionEndExcluding: "10.1.0.135\\(c00e135r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device.", }, { lang: "es", value: "HUAWEI P30 y HUAWEI P30 Pro con versiones anteriores a 10.1.0.135(C00E135R2P11) y versiones anteriores a 10.1.0.135(C00E135R2P8), presentan una vulnerabilidad de comprobación de integridad insuficiente. El sistema no comprueba suficientemente la integridad de determinados paquetes de software. Una explotación con éxito podría permitir a un atacante cargar un paquete de software diseñado en el dispositivo", }, ], id: "CVE-2020-1834", lastModified: "2024-11-21T05:11:27.567", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T14:15:11.187", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-354", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62637079-D8B3-4D71-8686-250C289C2957", versionEndExcluding: "10.1.0.160\\(c01e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.", }, { lang: "es", value: "Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8) y versiones anteriores a 10.1.0.160(C01E160R2P8), presentan una vulnerabilidad de desbordamiento del búfer. Un atacante induce a usuarios a instalar aplicaciones maliciosas y enviar paquetes especialmente construidos hacia los dispositivos afectados después de obtener el permiso root. Una explotación con éxito puede causar una ejecución de código", }, ], id: "CVE-2020-9123", lastModified: "2024-11-21T05:40:05.773", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-12T14:15:14.433", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-13 15:15
Modified
2024-11-21 04:52
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", matchCriteriaId: "B578E383-0D77-4AC7-9C81-3F0B8C18E033", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", matchCriteriaId: "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", matchCriteriaId: "8DFAAD08-36DA-4C95-8200-C29FE5B6B854", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", matchCriteriaId: "D558D965-FA70-4822-A770-419E73BA9ED3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "75056A1A-9008-4A43-989D-5E5899A3994F", versionEndExcluding: "10.0.0.195\\(c00e74r3p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*", matchCriteriaId: "B5322963-9375-4E4E-8119-895C224003AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3AAFCC24-8ADA-427B-84FE-1030AC3DE54D", versionEndExcluding: "10.0.0.196\\(c185e7r2p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "2564E28F-EF08-4381-96D8-58BB7C8C0E0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9682CC9-50CA-45FB-ACE7-20F1D097FE00", versionEndExcluding: "10.0.0.195\\(c00e74r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5FD3779B-F943-4B7E-BF82-AA4A051D02C8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p_smart_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E28978C4-E7E5-4414-B442-92A4B533BB42", versionEndExcluding: "9.1.0.193\\(c605e6r1p5t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "64C4DE1A-ACBD-4DCA-8BAD-23AE6DF4025B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p_smart_2019_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E07EC714-4635-446B-87C7-CC5EE610B175", versionEndExcluding: "10.0.0.180\\(c185e3r4p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p_smart_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "9B141C85-AFD2-4D7C-8B72-A065B3C905F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "22D5DBA0-EA94-4752-985C-DA7D555D7854", versionEndExcluding: "10.0.0.162\\(c00e156r1p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*", matchCriteriaId: "7492911B-4242-4947-9DED-9F48FC0875CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "138A6DBD-D3E3-47F8-ADF9-9ABD5C8AD397", versionEndExcluding: "10.0.0.162\\(c00e156r1p4\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6B315FBC-8BF9-4256-80F9-63EFF0806BEB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4D8897DB-732C-4B72-8A5C-F726805EFFB3", versionEndExcluding: "10.0.0.190\\(c432e22r2p5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "67F3CF79-07A3-476D-B30B-90E1852E48CD", versionEndExcluding: "10.0.0.195\\(c00e85r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y6_2019_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD39CEB3-C282-4988-A642-58E41C8DDDED", versionEndExcluding: "9.1.0.290\\(c185e5r4p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y6_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "7E7053C3-4EB2-438E-9544-41ACF7A91057", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y6_pro_2019_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CB0C0A35-FBB5-4492-BA94-4ADB1CE29C5E", versionEndExcluding: "9.1.0.290\\(c636e5r3p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y6_pro_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "6B1F9660-41E0-4536-8032-57AD3E844A94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B9C331EF-4B78-4ECB-A99E-33FDE093ABEB", versionEndExcluding: "9.1.0.264\\(c185e2r5p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*", matchCriteriaId: "F48ABE15-BC87-4B02-8B39-94DA1DC96B92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:nova_3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0F27CB3A-F773-48FB-9CAE-20FC93273D21", versionEndExcluding: "9.1.0.338\\(c00e333r1p1t8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:*", matchCriteriaId: "BF68FFB0-01F8-4937-8BF4-36866F02E9A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:nova_lite_3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0938EC8C-17BB-48DE-A477-770948A20696", versionEndExcluding: "9.1.0.322\\(c635e8r2p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9EEA4B63-97F3-4BAB-B96E-4C36D9B0FDE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_8a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2128BDE5-AE3B-427E-8A25-F3065850206A", versionEndExcluding: "9.1.0.291\\(c185e3r4p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_8a:-:*:*:*:*:*:*:*", matchCriteriaId: "B2E19C33-F393-4E0C-9AA7-461AF50EDF7F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "174DF865-A0F6-49DE-A465-9BA68799480A", versionEndExcluding: "10.0.0.183\\(c185e2r6p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*", matchCriteriaId: "E7635502-0FD1-464E-8C64-1E8FF6235495", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA8F4F9C-B02E-4C43-B4C4-485E2E38D3B0", versionEndExcluding: "10.0.0.195\\(c636e3r4p3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*", matchCriteriaId: "6A55CF4F-8E86-419C-845B-CE60070620A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D0ECA4E-CAFE-4637-95DC-B201B9549FC0", versionEndExcluding: "10.0.0.203\\(c00e202r7p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "488781A7-935E-4DD6-AD9D-A058067E10AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F108CFD3-6A5F-40DE-A042-4528C43317D7", versionEndExcluding: "10.0.0.203\\(c00e202r7p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_30:-:*:*:*:*:*:*:*", matchCriteriaId: "40B08C1D-444B-4C8B-B7F9-60CA9B2A8D50", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_30_pro_5g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD56816C-6906-42DA-9BD3-70810C3BF658", versionEndExcluding: "10.0.0.203\\(c00e202r7p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_30_pro_5g:-:*:*:*:*:*:*:*", matchCriteriaId: "B7D6F9EF-ECC4-43BC-8AF4-BBAAF0F6940B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:mate_30_5g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20D00959-B094-47B9-868B-21E905EF4401", versionEndExcluding: "10.0.0.203\\(c00e202r7p2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:mate_30_5g:-:*:*:*:*:*:*:*", matchCriteriaId: "BF4BEDDB-BDB9-4172-8B3E-6013AFDD8928", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715", }, { lang: "es", value: "En la función reassemble_and_dispatch del archivo packet_fragmenter.cc, es posible una escritura fuera de límites debido a un cálculo de límites incorrecto. Esto podría conllevar a una ejecución de código remota por medio del Bluetooth sin ser necesarios privilegios de ejecución adicionales. No es necesaria una interacción del usuario para su explotación. Producto: Android, Versiones: Android-8.0 Android-8.1 Android-9 Android-10, ID de Android: A-143894715.", }, ], id: "CVE-2020-0022", lastModified: "2024-11-21T04:52:45.763", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2020-02-13T15:15:11.780", references: [ { source: "security@android.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html", }, { source: "security@android.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2020/Feb/10", }, { source: "security@android.com", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en", }, { source: "security@android.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://source.android.com/security/bulletin/2020-02-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2020/Feb/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://source.android.com/security/bulletin/2020-02-01", }, ], sourceIdentifier: "security@android.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-682", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-682", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-17 23:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CFEFFE4-9C9D-42BD-A183-338606D53ACC", versionEndExcluding: "10.1.0.123\\(c432e19r2p5patch02\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC534873-48EE-4C7F-A27E-DB70BA3FD5D0", versionEndExcluding: "10.1.0.126\\(c10e11r5p1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.", }, { lang: "es", value: "Los teléfonos inteligentes HUAWEI P30 Pro con versiones anteriores a 10.1.0.123(C432E19R2P5patch02), versiones anteriores a 10.1.0.126(C10E11R5P1) y versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de desbordamiento del búfer. El software accede a los datos más allá del final o antes del comienzo del búfer previsto cuando maneja determinadas operaciones de certificado, el atacante debe engañar al usuario para que instale una aplicación maliciosa, una explotación con éxito puede causar una ejecución de código", }, ], id: "CVE-2020-9257", lastModified: "2024-11-21T05:40:17.173", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-17T23:15:11.757", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-10 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
huawei | p30_firmware | * | |
huawei | p30 | - | |
huawei | p30_pro_firmware | * | |
huawei | p30_pro | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "17DCDDE2-A0F8-451D-8B92-029EAD61A6D2", versionEndExcluding: "10.1.0.123\\(c432e22r2p5\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*", matchCriteriaId: "21EE286C-8111-4F59-8CF1-13C68EA76B21", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC", versionEndExcluding: "10.1.0.160\\(c00e160r2p8\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB671DB-CB5B-46E0-B221-722D051184DE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.", }, { lang: "es", value: "Los teléfonos inteligentes HUAWEI P30 y HUAWEI P30 Pro con versiones anteriores a 10.1.0.123(C432E22R2P5) y versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de divulgación de información. La configuración predeterminada de ciertas funciones de WI-FI en el sistema parece no segura, un atacante puede diseñar un punto de acceso (hotspot) WI-FI para iniciar el ataque. Una explotación con éxito podría causar una divulgación de información", }, ], id: "CVE-2020-9260", lastModified: "2024-11-21T05:40:17.557", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-10T14:15:10.733", references: [ { source: "psirt@huawei.com", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en", }, ], sourceIdentifier: "psirt@huawei.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }