All the vulnerabilites related to huawei - p30_pro_firmware
Vulnerability from fkie_nvd
Published
2019-12-13 15:15
Modified
2024-11-21 04:44
Severity ?
Summary
There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | honor_v10_firmware | * | |
| huawei | honor_v10 | - | |
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | enjoy_7s_firmware | * | |
| huawei | enjoy_7s | - | |
| huawei | mate_20_firmware | * | |
| huawei | mate_20 | - | |
| huawei | honor_9_lite_firmware | * | |
| huawei | honor_9_lite | - | |
| huawei | honor_9i_firmware | * | |
| huawei | honor_9i | - | |
| huawei | m6_firmware | * | |
| huawei | m6 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | honor_20s_firmware | * | |
| huawei | honor_20s | - | |
| huawei | honor_9_lite_firmware | * | |
| huawei | honor_9_lite | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_v10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B394D790-9589-4FC3-8B51-47B9F6E241D2",
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_v10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "592CF37A-83FA-4C85-B5E7-1DB2297A77A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76BF8190-0F8E-4BEF-81C6-FE409F6B812A",
"versionEndExcluding": "9.1.0.226\\(c00e220r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:enjoy_7s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29CD79B3-14E0-44A4-B9DE-4C4A47449626",
"versionEndExcluding": "9.1.0.130\\(c00e115r2p8t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:enjoy_7s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40688207-579D-444D-A594-54E65069B6A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9BE6DA3-8840-4B23-8F78-632112A2B039",
"versionEndExcluding": "9.1.0.139\\(c00e133r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6154A71C-59D9-47C0-B7CA-AC837CB70E32",
"versionEndExcluding": "9.1.0.143\\(c636e5r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E571CDA8-577E-4165-A960-DAD978FD23BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_9i_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA66B4F-B5D6-485B-A741-1D08C03957E0",
"versionEndExcluding": "9.1.0.120\\(c00e113r1p6t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_9i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F931151C-4D0A-44D1-9417-B467F7E148A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:m6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC9664F-3422-4630-B917-326BDC4AF0BE",
"versionEndExcluding": "9.1.1.150\\(c00e150r1p150\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "996B603A-E8F8-408D-A204-BB0638498F9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B40B07F3-0A6C-4102-976F-2E787311AA12",
"versionEndExcluding": "9.1.0.226\\(c00e210r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEBB5CD-2714-4761-A0C7-D97D24D267B6",
"versionEndExcluding": "9.1.1.132\\(c00e131r6p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1442135-75BB-4C2C-8BBF-354CB0978489",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_9_lite_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD9024A1-9F5A-4953-AE7C-6AB9926C0BBB",
"versionEndExcluding": "9.1.0.130\\(c00e112r2p10t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_9_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E571CDA8-577E-4165-A960-DAD978FD23BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de salto de ruta en varios tel\u00e9fonos inteligentes Huawei. El sistema no comprueba de forma suficiente ciertos nombres de ruta de la aplicaci\u00f3n. Un atacante podr\u00eda enga\u00f1ar al usuario para que instale, realice una copia de seguridad y restaure una aplicaci\u00f3n maliciosa. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar una divulgaci\u00f3n de informaci\u00f3n."
}
],
"id": "CVE-2019-5251",
"lastModified": "2024-11-21T04:44:36.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-13T15:15:11.317",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-27 20:15
Modified
2024-11-21 04:44
Severity ?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6645904-D2CA-4E35-BA98-DD5F3CAB3E96",
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA2B2F1-3D58-4DC7-AB7A-28BF8B282333",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6184CF-9037-4099-AD49-97D1BE85BBCA",
"versionEndExcluding": "9.1.0.300\\(c432e4r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34ACFA43-7B18-437C-91F8-07F7B265657B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-l29_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFFC3AFA-18D3-4B66-8096-E2DB298E9012",
"versionEndExcluding": "9.1.0.315\\(c636e5r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-l29:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316E46D1-B3CD-4783-A4CB-F68C215439F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C47EA7A-7F85-4BD3-A309-057D9EBC944A",
"versionEndExcluding": "9.1.0.321\\(c636e4r1p14t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1087EABB-4325-41EB-B09B-10F04A75C1C1",
"versionEndExcluding": "9.1.0.330\\(c432e6r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB13FD96-6FCC-4CE8-9E57-530B294A192C",
"versionEndExcluding": "9.1.0.302\\(c635e4r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB7A23D-805E-4DA1-AA7D-89A045BB47FD",
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C219B9CA-00AE-4B6B-A1BE-63AF154F1E50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BB64041-1B61-490E-BA4D-08F9B178CD7D",
"versionEndExcluding": "9.1.0.350\\(c10e3r1p14t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "865F26AC-8EA6-4003-953C-1FF933AC2A25",
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA96859C-81F6-4227-B228-BF6C82451A1B",
"versionEndExcluding": "9.1.0.350\\(c636e4r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5700C010-5655-4421-AA6B-44DDA28E0E29",
"versionEndExcluding": "9.1.0.311\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC428982-90AF-4232-918C-BB8D5608927A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EC9940-713C-4400-9EB0-23CDEF5E5CD0",
"versionEndExcluding": "9.1.0.345\\(c432e8r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC428982-90AF-4232-918C-BB8D5608927A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60FA31C3-4B67-40F9-9E39-92F7E25F50A0",
"versionEndExcluding": "9.1.0.325\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F965BA36-4F41-485C-A7F0-95071BD356C8",
"versionEndExcluding": "9.1.0.335\\(c636e3r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B2253BA-D36C-4760-95C7-330C5BBE9B47",
"versionEndExcluding": "9.1.0.345\\(c432e8r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC23449-4B1B-4FF2-AD65-1077C64B19E1",
"versionEndExcluding": "9.1.0.336\\(c605e3r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B37F0AE0-C461-4B70-B790-9606E2D27E0F",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F63CA2F-45B8-4DD3-81AE-8359929AE50B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77C9A1A-0B19-4976-8070-E3D79124C466",
"versionEndExcluding": "9.1.0.350\\(c461e3r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2B4309-0AA2-49A5-A103-0FD0CC893E04",
"versionEndExcluding": "9.1.0.350\\(c185e3r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7B01B2-E3BA-49CF-B651-85404988A481",
"versionEndExcluding": "9.1.0.350\\(c10e5r1p14t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74E0E881-4011-4D0E-BDE2-7FC6B0E2E28A",
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E07C41EF-6F24-4477-A32F-BEE404E4388E",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5193B7-6F3F-4249-BB74-62480893CAB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A20CF38-1A24-4C53-A8A9-D9F90CD3DEF5",
"versionEndExcluding": "9.1.0.328\\(c185e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C049681E-B4CE-4199-9B8A-55430F64E98E",
"versionEndExcluding": "9.1.0.328\\(c432e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7D1955-668A-4849-83A9-AD79F1AECE00",
"versionEndExcluding": "9.1.0.330\\(c461e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCE23A8-5556-47D3-94D5-3B838290E313",
"versionEndExcluding": "9.1.0.328\\(c636e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F69B82AD-34E2-4ED6-AACD-355982232959",
"versionEndExcluding": "9.1.0.336\\(c605e4r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D91A6502-BDFF-45ED-A324-297E8B376AEF",
"versionEndExcluding": "9.1.0.311\\(c185e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7E1345-CAF2-4414-9C04-925AF467629B",
"versionEndExcluding": "9.1.0.345\\(c432e10r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D691689C-4EA7-4C2B-82FF-EBF7E1914C2B",
"versionEndExcluding": "9.1.0.311\\(c605e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1ED8852-7D46-493C-9A4B-0D267C4AF7A9",
"versionEndExcluding": "9.1.0.311\\(c636e7r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD58E3B6-C4C5-4114-87A8-AA8BBBED1014",
"versionEndExcluding": "9.1.0.311\\(c432e7r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E46E7C-762A-42EF-8FFF-C958855BC69C",
"versionEndExcluding": "9.1.0.311\\(c185e3r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB4EC14-14DE-4AAF-A951-071B4E39270A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5384ACB4-5D30-4E01-8F54-F896C6027EFC",
"versionEndExcluding": "9.1.0.310\\(c636e3r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB4EC14-14DE-4AAF-A951-071B4E39270A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B4C2C1A-4CC6-4706-8BCF-26C013FB75F2",
"versionEndExcluding": "9.1.0.310\\(c432e3r1p12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB4EC14-14DE-4AAF-A951-071B4E39270A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "242DFB51-97EC-4190-A6FA-EF748BA007FE",
"versionEndExcluding": "9.1.0.131\\(c00e131r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EAE5CB4-FBF2-4570-9419-E7F1C11771FD",
"versionEndExcluding": "9.1.0.310\\(c185e10r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26909FF8-9B5D-4AF8-A811-3ECB5AE5F0AC",
"versionEndExcluding": "9.1.0.135\\(c786e133r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99DD3EC3-7E9B-4904-8317-C3528D1CAFEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F891A4-1B1B-4B8B-B160-9279BC9F1F1D",
"versionEndExcluding": "9.1.0.135\\(c00e133r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B05287-637D-4BCD-A153-54C4E2D5328D",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7492911B-4242-4947-9DED-9F48FC0875CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D54686F0-EECF-4E50-B5C0-BB940D4FC533",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B315FBC-8BF9-4256-80F9-63EFF0806BEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24F40E10-DBB7-4A3F-8AC7-CFA0255F0938",
"versionEndExcluding": "9.1.0.193",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC306039-7878-426F-821D-306001CA3E92",
"versionEndExcluding": "9.1.0.186\\(c00e180r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AEA14A-FD7D-42FD-BED2-C88E5FBE2E17",
"versionEndExcluding": "9.1.0.220\\(c605e3r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F48ABE15-BC87-4B02-8B39-94DA1DC96B92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_lite_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1532C2F4-2A09-45F8-9290-7F9211DAF5DD",
"versionEndExcluding": "9.1.0.305\\(c635e8r2p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEA4B63-97F3-4BAB-B96E-4C36D9B0FDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_10_lite_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4FAF6E-6457-482C-B93E-DB2F782A2232",
"versionEndExcluding": "9.1.0.283\\(c605e8r2p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "033EDED3-AF7B-40D7-A467-E3AAAFB88AE4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B76E03E9-CC25-4B3D-A236-71F132DFF08F",
"versionEndExcluding": "9.1.0.221\\(c461e2r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7635502-0FD1-464E-8C64-1E8FF6235495",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5ED827-6CFC-4D8A-863F-B5BC2574833A",
"versionEndExcluding": "9.1.0.238\\(c432e1r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:jackman-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07F21804-A0B9-48C5-A5E8-144FC3F1476F",
"versionEndExcluding": "9.1.0.247\\(c636e2r4p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:jackman-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B99E236E-D36C-4FE9-93C2-10D01A3A7390",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l21b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B99A82F1-6AC5-49A9-BBD6-84021EE314AB",
"versionEndExcluding": "9.1.0.331\\(c432e1r1p2t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3765F0-677E-48FA-8A70-8F5A69660DC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l21meb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F496B865-29EC-40FD-80E7-4743DD9B63F3",
"versionEndExcluding": "9.1.0.331\\(c185e4r1p3t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "010590E4-2979-4AE3-9B94-7C1BC5CE0533",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l29b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA05B35-9F89-4048-A533-C940AC64164A",
"versionEndExcluding": "9.1.0.331\\(c636e1r1p3t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "143485B2-5216-4190-8306-63D12362F6AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-al00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE6D5B81-ED8D-41C1-88DD-9FD23EBD1ABE",
"versionEndExcluding": "9.1.0.212\\(c00e62r1p7t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66A35E71-4D6A-494D-882B-987CE16E3467",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE088454-B444-4A45-B7FF-498354EBACBD",
"versionEndExcluding": "9.1.0.215\\(c432e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949EB56-D8A6-4D5C-98B4-3FF056536BF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E3BA431-B89F-4DAC-80DD-2DD278D6FE2B",
"versionEndExcluding": "9.1.0.213\\(c185e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949EB56-D8A6-4D5C-98B4-3FF056536BF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l21br_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1689E3E-37B9-4EDC-A583-BCB3A7D78EA1",
"versionEndExcluding": "9.1.0.213\\(c185e1r1p2t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD953016-2468-40BD-8383-9105BA297C26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F41F75B-B181-4B2A-8331-64D77A795FA2",
"versionEndExcluding": "9.1.0.258\\(c636e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40DAF023-9D20-4262-B5BE-F3C61906C9BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l22br_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EACD275C-05DB-4E79-86B7-18892C66ACD6",
"versionEndExcluding": "9.1.0.258\\(c636e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0C17CF-D4AA-460E-815F-32FB5C8702A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-al00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF59B4B4-E0F6-43F4-9DC8-6330D8E54957",
"versionEndExcluding": "9.1.0.228\\(c00e78r1p7t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF9295B5-8194-4AE9-91B3-5AD3C79FB9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA53F55-8938-4DA9-B41A-D7E430D2A16F",
"versionEndExcluding": "9.1.0.215\\(c782e2r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "098FDD61-E3C6-4A7B-8EC7-9F4F847F2D85",
"versionEndExcluding": "9.1.0.213\\(c185e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB62B7A4-3FE5-4BBF-A63B-B8BA55689532",
"versionEndExcluding": "9.1.0.270\\(c432e3r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l03_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D84E8681-137D-497C-A4E9-7A9518519669",
"versionEndExcluding": "9.1.0.217\\(c605e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAAB87A0-CF6A-4219-973C-EFEE5A4C6657",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73849B9E-BD8E-46A9-9D79-41210455C02B",
"versionEndExcluding": "9.1.0.221\\(c461e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE69226-79D4-4CB9-8E81-BC82A8A98095",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06D9B4FD-5C40-4824-A64F-BD324E87D5AD",
"versionEndExcluding": "9.1.0.215\\(c432e4r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE69226-79D4-4CB9-8E81-BC82A8A98095",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C93CDC1-1F31-44A2-AFE8-3744121F7BB8",
"versionEndExcluding": "9.1.0.259\\(c185e1r1p2t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D9B914-5EDF-46A5-992B-EBD49191EC4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41406787-C8CD-426A-9F5B-E2D99430BD10",
"versionEndExcluding": "9.1.0.220\\(c635e1r1p2t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D9B914-5EDF-46A5-992B-EBD49191EC4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D745CD0-C26D-4E73-9BFA-68E0C11E5E64",
"versionEndExcluding": "9.1.0.216\\(c569e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D9B914-5EDF-46A5-992B-EBD49191EC4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l23_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28BB1F95-8AB3-46EA-8509-A48B8FEC51CD",
"versionEndExcluding": "9.1.0.226\\(c605e2r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE752CEC-D5BA-4C59-A2F1-9D13B3B8A6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "782EE52E-D3F2-4DAA-886D-82C04BAB405F",
"versionEndExcluding": "9.1.0.154\\(c432e2r3p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BAB5A99-C9EC-479C-9FD9-B444DA0C3E7E",
"versionEndExcluding": "9.1.0.154\\(c461e2r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D99D9D-6569-44B3-B437-6E26D70427E9",
"versionEndExcluding": "9.1.0.154\\(c636e2r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF22C4E0-04AD-4E29-AE33-683DB15B9999",
"versionEndExcluding": "9.1.0.152\\(c00e150r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55571AAC-B8B2-48D0-8486-BB2992A39568",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_magic2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE504AB8-68B4-4C72-A5B5-1127487CA3B0",
"versionEndExcluding": "10.0.0.187",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_magic2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86489593-F6E2-480E-9381-540FA4256A84",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302DF5FB-66EA-461B-8AD8-46ED1A915C4E",
"versionEndExcluding": "9.1.0.234\\(c00e234r4p3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF332D5-0799-487A-970B-E0FB7435207D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
},
{
"lang": "es",
"value": "Hay dos vulnerabilidades de denegaci\u00f3n de servicio en algunos tel\u00e9fonos inteligentes Huawei. Un atacante puede enviar mensajes TD-SCDMA especialmente dise\u00f1ados desde una estaci\u00f3n base no autorizada hacia los dispositivos afectados. Debido a la comprobaci\u00f3n insuficiente de la entrada de dos valores al analizar los mensajes, una explotaci\u00f3n con \u00e9xito puede causar un dispositivo anormal. Esta es la 2 de 2 vulnerabilidades. Diferente de CVE-2020-5302. Los productos afectados y sus son: ALP-AL00B: anteriores a 9.1.0.333(C00E333R2P1T8) ALP-L09: anteriores a 9.1.0.300(C432E4R1P9T8) ALP-L29: anteriores a 9.1.0.315(C636E5R1P13T8) BLA-L29C: anteriores a 9.1.0.321(C636E4R1P14T8), anteriores a 9.1.0.330(C432E6R1P12T8), anteriores a 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: anteriores a 9.1.0.333(C00E333R2P1T8) Berkeley-L09: anteriores a 9.1.0.350(C10E3R1P14T8), anteriores a 9.1.0.351(C432E5R1P13T8), anteriores a 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: anteriores a 9.1.0.311(C185E4R1P11T8), anteriores a 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: anteriores a 9.1.0.325(C185E4R1P11T8), anteriores a 9.1.0.335(C636E3R1P13T8), anteriores a 9.1.0.345(C432E8R1P11T8), anteriores a 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: anteriores a 9.1.0.333(C00E333R1P1T8) Columbia-L29D: anteriores a 9.1.0.350(C461E3R1P11T8), anteriores a 9.1.0.350(C185E3R1P12T8), anteriores a 9.1.0.350(C10E5R1P14T8), anteriores a 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: anteriores a 9.1.0.333(C00E333R1P1T8) Cornell-L29A: anteriores a 9.1.0.328(C185E1R1P9T8), anteriores a 9.1.0.328(C432E1R1P9T8), anteriores a 9.1.0.330(C461E1R1P9T8), anteriores a 9.1.0.328(C636E2R1P12T8) Emily-L09C: anteriores a 9.1.0.336(C605E4R1P12T8), anteriores a 9.1.0.311(C185E2R1P12T8), anteriores a 9.1.0.345(C432E10R1P12T8) Emily-L29C: anteriores a 9.1.0.311(C605E2R1P12T8), anteriores a 9.1.0.311(C636E7R1P13T8), anteriores a 9.1.0.311(C432E7R1P11T8) Ever-L29B: anteriores a 9.1.0.311(C185E3R3P1), anteriores a 9.1.0.310(C636E3R2P1), anteriores a 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: anteriores a 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: anteriores a 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: anteriores a 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: anteriores a 9.1.0.135(C00E133R2P1) HUAWEI P20: anteriores a 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: anteriores a 9.1.0.333(C00E333R1P1T8) HUAWEI P30: anteriores a 9.1.0.193 HUAWEI P30 Pro: anteriores a 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: anteriores a 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: anteriores a 9.1.0.305(C635E8R2P2) Honor 10 Lite: anteriores a 9.1.0.283(C605E8R2P2) Honor 8X: anteriores a 9.1.0.221(C461E2R1P1T8) Honor View 20: anteriores a 9.1.0.238(C432E1R3P1) Jackman-L22: anteriores a 9.1.0.247(C636E2R4P1T8) Paris-L21B: anteriores a 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: anteriores a 9.1.0.331(C185E4R1P3T8) Paris-L29B: anteriores a 9.1.0.331(C636E1R1P3T8) Sydney-AL00: anteriores a 9.1.0.212(C00E62R1P7T8) Sydney-L21: anteriores a 9.1.0.215(C432E1R1P1T8), anteriores a 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: anteriores a 9.1.0.213(C185E1R1P2T8) Sydney-L22: anteriores a 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: anteriores a 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: anteriores a 9.1.0.228(C00E78R1P7T8) SydneyM-L01: anteriores a 9.1.0.215(C782E2R1P1T8), anteriores a 9.1.0.213(C185E1R1P1T8), anteriores a 9.1.0.270(C432E3R1P1T8) SydneyM-L03: anteriores a 9.1.0.217(C605E1R1P1T8) SydneyM-L21: anteriores a 9.1.0.221(C461E1R1P1T8), anteriores a 9.1.0.215(C432E4R1P1T8) SydneyM-L22: anteriores a 9.1.0.259(C185E1R1P2T8), anteriores a 9.1.0.220(C635E1R1P2T8), anteriores a 9.1.0.216(C569E1R1P1T8) SydneyM-L23: anteriores a 9.1.0.226(C605E2R1P1T8) Yale-L21A: anteriores a 9.1.0.154(C432E2R3P2), anteriores a 9.1.0.154(C461E2R2P1), anteriores a 9.1.0.154(C636E2R2P1) Honor 20: anteriores a 9.1.0.152(C00E150R5P1) Honor Magic2: anteriores a 10.0.0.187 Honor V20: anteriores a 9.1.0.234(C00E234R4P3)"
}
],
"id": "CVE-2019-5303",
"lastModified": "2024-11-21T04:44:42.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-27T20:15:12.397",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-10 20:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29C7558A-D8B6-4773-A14D-38EDFFD96E5E",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function."
},
{
"lang": "es",
"value": "HUAWEI P30 versiones anteriores a 10.1.0.160(C00E160R2P11); HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de denegaci\u00f3n de servicio. Determinada configuraci\u00f3n del sistema puede ser modificada debido a una autorizaci\u00f3n inapropiada. El atacante podr\u00eda enga\u00f1ar al usuario instalando y ejecutando una aplicaci\u00f3n maliciosa, una explotaci\u00f3n con \u00e9xito podr\u00eda causar una condici\u00f3n de denegaci\u00f3n de servicio de la funci\u00f3n PHONE"
}
],
"id": "CVE-2020-9245",
"lastModified": "2024-11-21T05:40:15.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-10T20:15:11.923",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-27 10:15
Modified
2025-01-10 20:37
Severity ?
3.5 (Low) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | mate_20_firmware | * | |
| huawei | mate_20 | - | |
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | princeton-al10d_firmware | * | |
| huawei | princeton-al10d | - | |
| huawei | yale-al00a_firmware | * | |
| huawei | yale-al00a | - | |
| huawei | yale-al50a_firmware | * | |
| huawei | yale-al50a | - | |
| huawei | yalep-al10b_firmware | * | |
| huawei | yalep-al10b | - | |
| huawei | mate_20_firmware | * | |
| huawei | mate_20 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "165A8717-DD86-4BC0-AB3C-BD7F92DF68CD",
"versionEndExcluding": "10.1.0.160\\(c00e160r3p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29C7558A-D8B6-4773-A14D-38EDFFD96E5E",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-al10d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C262C7-C463-4F74-8F6B-6BF9B4FDCBCF",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11E6B825-CA55-4BEC-8279-3F33F7CC93EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDC1976-E07B-4464-84DB-EACAE30D97E5",
"versionEndExcluding": "10.1.0.160\\(c00e160r8p12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "562D05D2-CC9E-4973-9E8D-B40C0ED6C721",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-al50a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "752648AA-54F7-40EF-AC48-BAD6F9F31579",
"versionEndExcluding": "10.1.0.88\\(c00e88r8p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-al50a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77360A45-7501-4243-812A-D8C3403D1F03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yalep-al10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A68AFA26-2D0F-4896-AB42-4E3327935F9D",
"versionEndExcluding": "10.1.0.160\\(c00e160r8p12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D81385-913B-4A38-A712-41CAE7B78DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2B578A-E6CE-413D-890B-20AC7EAEE59C",
"versionEndExcluding": "10.1.0.160\\(c01e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62637079-D8B3-4D71-8686-250C289C2957",
"versionEndExcluding": "10.1.0.160\\(c01e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)\n\n\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de autorizaci\u00f3n indebida en algunos tel\u00e9fonos inteligentes Huawei. Un atacante podr\u00eda realizar una serie de operaciones en un modo espec\u00edfico para explotar esta vulnerabilidad. Si lo hace con \u00e9xito, podr\u00eda permitir al atacante eludir el bloqueo de la aplicaci\u00f3n. (ID de vulnerabilidad: HWPSIRT-2019-12144) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposici\u00f3n com\u00fan (CVE): CVE-2020-9081."
}
],
"id": "CVE-2020-9081",
"lastModified": "2025-01-10T20:37:44.267",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 2.5,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-27T10:15:10.937",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200826-15-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-15 16:15
Modified
2024-11-21 05:39
Severity ?
Summary
HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | tony-al00b_firmware | * | |
| huawei | tony-al00b | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E435BD0-2D12-4A15-BF67-4E83C1848884",
"versionEndExcluding": "10.1.0.135\\(c00e135r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5A64DE-1846-44E8-AA2D-E2EF15F308AA",
"versionEndExcluding": "10.1.0.135\\(c00e135r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B88F6982-D7F1-409D-A73C-4E439CA2CAD5",
"versionEndExcluding": "10.1.0.135\\(c01e135r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63B310F0-9165-48E3-9609-6CA49D6E10C5",
"versionEndExcluding": "10.1.0.137\\(c00e137r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E14B978-2A3C-4F55-8E3A-BA41AB137C33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL."
},
{
"lang": "es",
"value": "Los tel\u00e9fonos inteligentes HUAWEI P30; HUAWEI P30 Pro; Tony-AL00B con versiones anteriores a 10.1.0.135(C00E135R2P11); versiones anteriores a 10.1.0.135(C00E135R2P8),versiones anteriores a 10.1.0.135, presentan una vulnerabilidad de autenticaci\u00f3n inapropiada. Debido a que la identidad del remitente del mensaje no est\u00e1 siendo verificada apropiadamente, un atacante puede explotar esta vulnerabilidad por medio de un ataque de tipo man-in-the-middle para inducir a un usuario a acceder a una URL maliciosa"
}
],
"id": "CVE-2020-9076",
"lastModified": "2024-11-21T05:39:59.047",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-15T16:15:23.270",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot."
},
{
"lang": "es",
"value": "Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de lectura y escritura fuera de l\u00edmites.\u0026#xa0;Un atacante no autenticado dise\u00f1a un mensaje malformado con un par\u00e1metro espec\u00edfico y env\u00eda el mensaje hacia los productos afectados.\u0026#xa0;Debido a una comprobaci\u00f3n insuficiente del mensaje, que puede ser explotado para causar el reinicio del proceso"
}
],
"id": "CVE-2020-9107",
"lastModified": "2024-11-21T05:40:03.097",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-12T14:15:14.230",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-04 19:29
Modified
2024-11-21 04:44
Severity ?
Summary
There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | p30_firmware | * | |
| huawei | p30 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7D1F2D-B51E-4ABF-B53D-6F4F7EE54081",
"versionEndExcluding": "vog-al00_9.1.0.162\\(c01e160r1p12\\/c01e160r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55CF6874-A1F4-4F8D-AE66-2D5F8CE25B9C",
"versionEndExcluding": "ele-al00_9.1.0.162\\(c01e160r1p12\\/c01e160r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de man-in-the-middle (MITM) en las versiones de Tel\u00e9fonos Huawei P30 antes de ELE-AL00 9.1.0.162 (C01E160R1P12 / C01E160R2P1), y P30 Pro versiones anteriores a VOG-AL00 9.1.0.162 (C01E160R1P12 / C01E160R2P1). Cuando los usuarios establecen la conexi\u00f3n y transfieren datos a trav\u00e9s de Huawei Share, un atacante podr\u00eda rastrear, falsificar y realizar una serie de operaciones para entrometerse en la conexi\u00f3n de Huawei Share y lanzar un ataque Man-in-the-middle para obtener y manipular los datos. (ID de vulnerabilidad: HWPSIRT-2019-03109)"
}
],
"id": "CVE-2019-5215",
"lastModified": "2024-11-21T04:44:31.840",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T19:29:00.227",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-17 23:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CFEFFE4-9C9D-42BD-A183-338606D53ACC",
"versionEndExcluding": "10.1.0.123\\(c432e19r2p5patch02\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC534873-48EE-4C7F-A27E-DB70BA3FD5D0",
"versionEndExcluding": "10.1.0.126\\(c10e11r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution."
},
{
"lang": "es",
"value": "Los tel\u00e9fonos inteligentes HUAWEI P30 Pro con versiones anteriores a 10.1.0.123(C432E19R2P5patch02), versiones anteriores a 10.1.0.126(C10E11R5P1) y versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de error de comprobaci\u00f3n l\u00f3gica. Se produce un error l\u00f3gico cuando el software comprueba el tama\u00f1o de determinado par\u00e1metro, el atacante debe enga\u00f1ar al usuario para que instale una aplicaci\u00f3n maliciosa, una explotaci\u00f3n con \u00e9xito puede causar una ejecuci\u00f3n de c\u00f3digo"
}
],
"id": "CVE-2020-9254",
"lastModified": "2024-11-21T05:40:16.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-17T23:15:11.617",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-29 20:15
Modified
2024-11-21 04:44
Severity ?
Summary
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | mate_20_firmware | * | |
| huawei | mate_20 | - | |
| huawei | hisuite_firmware | * | |
| huawei | hisuite | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "685D05E1-BFE2-469D-AF24-B9B5175C2D3E",
"versionEndExcluding": "elle-al00b_9.1.0.193\\(c00e190r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1822A93-8ED2-4E74-8AE2-30176892F67B",
"versionEndExcluding": "vogue-al00a_9.1.0.193\\(c00e190r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7113FB5E-9B2A-4829-BB70-1067911BC880",
"versionEndExcluding": "hima-al00b_9.1.0.135\\(c00e133r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hisuite_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23B293EE-9920-42CB-AC07-17F004CFA501",
"versionEndExcluding": "9.1.0.305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hisuite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F20DB-9D2E-4357-89D4-62DC2A6E9F02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version."
},
{
"lang": "es",
"value": "Los tel\u00e9fonos inteligentes P30, P30 Pro, Mate 20 con software de versiones anteriores a ELLE-AL00B 9.1.0.193(C00E190R2P1), versiones anteriores a VOGUE-AL00A 9.1.0.193(C00E190R2P1), versiones anteriores a Hima-AL00B 9.1.0.135(C00E133R2P1) y HiSuite con versiones anteriores a HiSuite 9.1.0.305, presenta una vulnerabilidad de degradado de versi\u00f3n. El dispositivo y el software HiSuite no comprueban el paquete de actualizaci\u00f3n lo suficiente, de modo que el sistema del tel\u00e9fono inteligente puede degradarse a una versi\u00f3n anterior."
}
],
"id": "CVE-2019-5227",
"lastModified": "2024-11-21T04:44:33.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-29T20:15:11.863",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-14 17:15
Modified
2024-11-21 04:51
Severity ?
Summary
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:blackberry:blackberry:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8239084-1BAF-48F8-A57C-BEB0036DA346",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "47E54551-6C9D-4E0C-AE9F-7585B0513B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E84CE847-550E-445B-8972-2FB5BCF6B04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "04D7DAFB-DEE4-4A71-A27C-0E34426AACE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7BCF5B87-0AAD-4030-B439-B58990ED31DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "655F7FDF-5E6F-4984-8EBA-95B49BB14A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "73DE60EC-0D7E-4D02-B7F1-AA0799088FE0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB0FFE3-4BE1-4024-BCC6-1B87074DE2E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization_host_eus:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9708C6C-5DD1-43D8-8BD4-71BAFC3C997B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D067B04-CDF9-4395-83FA-17145267BA18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92BC9265-6959-4D37-BE5E-8C45E98992F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0F47-3565-4763-B16F-C87B1FF2035E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3F09B5-569F-4C58-9FCA-3C0953D107B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B15608-BABC-4663-A58F-B74BD2D1A734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF9BCF3-187F-410A-96CA-9C47D3ED6924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5749E2F6-8B59-439C-9E60-49466C2DD157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F8F038-6115-445E-AFCB-974BAAEBD876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*",
"matchCriteriaId": "36E85B24-30F2-42AB-9F68-8668C0FCC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CB3640-F55B-4127-875A-2F52D873D179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E082C33-2F83-4AF1-A91D-94EF05DE98A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "803D7386-1E7C-451E-A52F-91B6039BB97F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09ACF2D-D83F-4A86-8185-9569605D8EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1995855A-1883-412D-B629-5436E881FF08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6645904-D2CA-4E35-BA98-DD5F3CAB3E96",
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA2B2F1-3D58-4DC7-AB7A-28BF8B282333",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ares-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A577297-C186-4CC4-A67D-DE7AB46FC08F",
"versionEndExcluding": "9.1.0.160\\(c00e160r2p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ares-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43F6F4AE-1938-4E92-8DBD-A80B703EDCA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ares-al10d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27438A38-0793-4719-BEB2-2CC44553E058",
"versionEndExcluding": "9.1.0.160\\(c00e160r2p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ares-al10d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C56298B1-7923-44E1-B9D5-78C030792209",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ares-tl00c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F34FF7B9-D8B6-4C2E-A9E6-CBF407F60DDF",
"versionEndExcluding": "9.1.0.165\\(c01e165r2p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ares-tl00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4D3E8A-E271-4857-BC1F-DBC69C564530",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:asoka-al00ax_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71BA8A3E-0112-4904-85A2-E483627874CA",
"versionEndExcluding": "9.1.1.181\\(c00e48r6p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:asoka-al00ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2C06DA-9060-468D-A89F-F5C5EE3297E4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:atomu-l33_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B380CA3-F13A-427D-874B-B8D632DDF5AB",
"versionEndExcluding": "8.0.0.147\\(c605custc605d1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:atomu-l33:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F378F7-5CE8-4499-8537-6FD99026DB6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:atomu-l41_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B15BAD-ACCC-44D7-A942-3E5DAFE1ED1C",
"versionEndExcluding": "8.0.0.153\\(c461custc461d1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:atomu-l41:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E1129F1-BE98-456D-AB43-DFC5859635DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:atomu-l42_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "697C30E8-BB17-44F3-8DA4-AEF9D15222ED",
"versionEndExcluding": "8.0.0.155\\(c636custc636d1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:atomu-l42:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73932E23-6868-4A1C-B1CC-8F4E36A7114A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7282513-0D84-4A2D-A4DC-491C8F4C7184",
"versionEndExcluding": "9.1.0.329\\(c786e320r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B11D6D9B-335B-404C-88F3-590DF9E5D878",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8979842F-0AD8-47BA-87A1-02F13EB145EA",
"versionEndExcluding": "9.1.0.300\\(c605e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-tl00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00BED6E8-D790-4A57-AA1E-4A2D04832594",
"versionEndExcluding": "9.1.0.329\\(c01e320r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAF02E9-8732-4E8E-8AA6-A422C200F9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:barca-al00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4035199-8628-468D-BE58-17892D063357",
"versionEndExcluding": "8.0.0.366\\(c00\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:barca-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FA823EC-2A56-4C48-8FB5-317B6ED81E40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB7A23D-805E-4DA1-AA7D-89A045BB47FD",
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C219B9CA-00AE-4B6B-A1BE-63AF154F1E50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82D57889-9678-4A25-B352-65A99104B72E",
"versionEndExcluding": "9.1.0.332\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-tl10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F36EF5C3-FF4A-4849-97C3-FD4BC05FBCD5",
"versionEndExcluding": "9.1.0.333\\(c01e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-tl10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE70011-5F76-460B-ABB5-7C738B0AB2CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cairogo-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E1EFD33-BC40-4DB6-B2CB-FFA616B6A65B",
"versionEndExcluding": "cairogo-l22c461b153",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cairogo-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "700FA8F3-B729-44E2-B56F-D80292BF460F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A8F9DA-FF8D-40C5-9CD4-66AF719DC1AC",
"versionEndExcluding": "9.1.0.311\\(c605e2r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B37F0AE0-C461-4B70-B790-9606E2D27E0F",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F63CA2F-45B8-4DD3-81AE-8359929AE50B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-al10i_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3905BE38-3C2C-4B0D-B804-15A87B9DA244",
"versionEndExcluding": "9.1.0.335\\(c675e8r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-al10i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFF16336-9CFE-4D67-852B-4C356E3C5951",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7B01B2-E3BA-49CF-B651-85404988A481",
"versionEndExcluding": "9.1.0.350\\(c10e5r1p14t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-tl00d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25176953-B380-49C7-BE67-A4053DCEBADB",
"versionEndExcluding": "8.1.0.186\\(c01gt\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-tl00d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE1BB06-0403-4F46-AF76-DAD85D538907",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E07C41EF-6F24-4477-A32F-BEE404E4388E",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5193B7-6F3F-4249-BB74-62480893CAB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-al00i_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "344A5958-037B-4AB5-8B8E-A4FC948C95A7",
"versionEndExcluding": "9.1.0.363\\(c675e3r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-al00i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7BB30EE-ECCE-4697-A990-F910F3B5C2B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-al00ind_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAC1975-0955-42EF-8242-52BEE2BDE008",
"versionEndExcluding": "8.2.0.141\\(c675custc675d1gt\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-al00ind:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34AECCA8-6B67-4DF5-A6C9-A6F333664950",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-al10ind_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68C87563-3724-4B7F-8F33-C0B09694B164",
"versionEndExcluding": "9.1.0.363\\(c675e2r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-al10ind:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28D9A40E-51BC-458D-ADE6-EA680F23F2B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5589A1A9-0214-4391-BBD2-932FF53B2002",
"versionEndExcluding": "9.1.0.336\\(c636e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-tl10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D952E67-D771-48DF-A4A9-69D6FFABE2CE",
"versionEndExcluding": "9.1.0.333\\(c01e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-tl10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F60E9A-0ACB-4E44-ADFB-771C695FCF08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dubai-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6995D12-C03B-4380-BCE8-5DE2DC97E198",
"versionEndExcluding": "8.2.0.190\\(c00r2p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dubai-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A1EE4A-1539-4FD7-B5D8-D3725CB3A843",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dura-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE2E6C4-BADF-4215-B31E-CCF399270B83",
"versionEndExcluding": "1.0.0.182\\(c00\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dura-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC591FA6-55E1-4628-AE43-CD1E2A4980E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dura-tl00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86C43B18-C1BF-4DB9-92D2-D9E333F73CE3",
"versionEndExcluding": "1.0.0.176\\(c01\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dura-tl00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E269DC2-682C-49B7-8492-F8622572C785",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.156\\(c605\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF895541-98C9-4520-9CAF-36CA963F9BA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3631A567-0F95-4477-B2DC-D1B09736140D",
"versionEndExcluding": "9.1.0.338\\(c185e3r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB4EC14-14DE-4AAF-A951-071B4E39270A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l23_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D28EB2-8919-4AD2-8455-194B8AB14FFB",
"versionEndExcluding": "9.1.0.160\\(c605e6r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42D1377E-92E6-472A-9734-D5DA1C8319A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:8.0.0.122d\\(c652\\):*:*:*:*:*:*:*",
"matchCriteriaId": "05C2AFA5-D4B0-414D-8894-7DBF020C3A40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-tl10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFFCE6B-14C3-459B-B7CB-B8380AAAD19F",
"versionEndExcluding": "9.1.0.130\\(c01e115r2p8t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-tl10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88BDA8C0-CD09-418F-A334-E54B8E458D05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-al20b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AED8A17-5120-4F1F-819B-C2592FC73411",
"versionEndExcluding": "9.1.0.128\\(c00e112r1p6t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-al20b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF7DFEE-5C99-4C65-B3D8-AEE21E81A6BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE9BC91-0596-483E-8D2C-431A72A56797",
"versionEndExcluding": "9.1.0.150\\(c185e6r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CD5EEC-DA40-4B35-A2CD-6F48147F0810",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49F91DCF-B3DF-4087-A608-0E6A06DE6FA4",
"versionEndExcluding": "9.1.0.150\\(c636e6r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1387541-860F-43AE-809B-AFA9338DC378",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-l23_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6498D22-6C7C-4E66-BAD7-20CFC297FBF5",
"versionEndExcluding": "9.1.0.154\\(c605e7r1p2t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-l23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38E2DAC5-FD49-4DC2-854E-71DACE1BC643",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-tl10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E7E0ED-EB2E-4A55-B81D-8ECE3FD3AE58",
"versionEndExcluding": "9.1.0.128\\(c01e112r1p6t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-tl10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4776C729-200A-4D86-B635-185B65FC2570",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFA597A-ECA8-49E5-A1D9-44E1D1E51DD1",
"versionEndExcluding": "9.1.0.143\\(c675e8r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55571AAC-B8B2-48D0-8486-BB2992A39568",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A12E685-F91D-4C04-82C5-61A9BA317A42",
"versionEndExcluding": "9.1.0.154\\(c185e2r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3FB528-5C26-446F-9985-E325AB87203B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "483669DB-D71C-48BD-BA29-B971C4D423A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18031A60-6047-43E5-A75D-4BF44532EFBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p_smart_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4AE3143-67EB-49B3-8B1D-DB34CCE3829C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p_smart:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C4DE1A-ACBD-4DCA-8BAD-23AE6DF4025B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p_smart_2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85E3D35A-F979-48D0-92F8-1DBFF7BD2562",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p_smart_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B141C85-AFD2-4D7C-8B72-A065B3C905F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67931720-1EED-43CB-BB7B-BC0CCA773AC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7492911B-4242-4947-9DED-9F48FC0875CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p20_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90F53673-A878-4935-A992-E6F61D41FD24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B315FBC-8BF9-4256-80F9-63EFF0806BEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE96D0C4-D43B-4AB3-A712-45F4F7F17BB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A26F9E66-8070-4884-87D1-BD87E189B10C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y5_2018_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BECFA24-FBD8-4320-B5C9-CDD3D5338582",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y5_2018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFBD5328-0BFF-49F7-B2EC-E73BC6D41FF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y5_lite_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6AA13E-9801-401E-8E86-EE48C9BA5CAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y5_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA384300-C2B6-43B8-98F1-94488DA6CB06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y6_2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB50358-E75A-4B53-8780-D46F9D8B0F54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y6_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E7053C3-4EB2-438E-9544-41ACF7A91057",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y6_prime_2018_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EA662-A8E3-45E5-A4C6-8C5E12AEA2E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y6_prime_2018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4033E6E-FFFA-40D5-9AB9-D1497AB5C314",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y6_pro_2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED2D400-55BD-437F-A98C-1E3299590B22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y6_pro_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B1F9660-41E0-4536-8032-57AD3E844A94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y7_2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B60AB519-4416-44F6-BF9D-20E24BA0B502",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y7_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5510EA-9A5A-4F72-AE40-AACFE58D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y9_2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A87C804-7DAA-47E2-A587-1D7541462BBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F48ABE15-BC87-4B02-8B39-94DA1DC96B92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBC9263-82BB-4B33-B682-A7B1A65D1577",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF68FFB0-01F8-4937-8BF4-36866F02E9A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_4_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE87ADA6-7085-4ADA-B8F7-D863A1765580",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07D1E240-F1DE-4FC0-84B7-873978A9A6B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94DF684B-8BDD-4035-A8C7-2B565544CB81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF67964-B009-4209-B281-49055829BB4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_5i_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57BED229-03B1-43C2-9239-DAA5C9BD4F40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_5i_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C9D864-8A1E-475B-94B3-522D23D91288",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_lite_3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28304195-13E1-4757-B07C-34FBA1DDA061",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEA4B63-97F3-4BAB-B96E-4C36D9B0FDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harry-al00c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A46BA4B6-A387-4D51-9278-CABE5E2C224B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:harry-al00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF9FAC4-0A8C-463C-8E5C-64E33D145E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harry-al10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41532B6-FE2A-4174-B1AA-074F08B64DEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:harry-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2BE361-1412-455E-A553-0CA9D14E4C1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harry-tl00c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5067B8-4862-48CB-B6A2-E3191314EED2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:harry-tl00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E31013C1-26DA-4A6D-BBD4-BF0630EEEB66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hima-l29c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95F68969-FB0A-4B51-9F67-DE5021EFABAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366DC5C5-9276-4921-9ABD-92941B0CEE6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_10_lite_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42AFF1E9-D82D-4301-87FD-A8B6B7C9B75F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "033EDED3-AF7B-40D7-A467-E3AAAFB88AE4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_8a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A298082-CC80-4316-9AEB-9E8F8B52EE88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_8a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E19C33-F393-4E0C-9AA7-461AF50EDF7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_8x_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB09814B-81B3-4236-B3AE-EAE800678D2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7635502-0FD1-464E-8C64-1E8FF6235495",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_view_10_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B72EBDE-1020-4177-BFC0-2E968FB17C29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_view_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E788B81C-69DB-4A13-AC70-1E17120CB82E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEA5A51-8067-4160-B115-085A529CD987",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:jakarta-al00a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6067DA42-ECDC-4D11-813F-9C67CC8055AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:jakarta-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44E124FE-9F3E-4A89-9DFB-2ACEF751BA82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-tl00d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B8A8714-83BD-49B7-86E8-3224DD02344E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-tl00d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "566629E0-84F2-4DFA-A20E-2D20C472E4B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:johnson-tl00f_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79F89951-0A96-4424-B1E3-30488876BDF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:johnson-tl00f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0075F84C-492C-408D-941B-274A0A0C3B82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:katyusha-al00a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE0B00D-B846-4771-9D3B-4ACE59DD0C5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:katyusha-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38E3A00A-6EB8-4E04-B1BC-E7663C9C1EA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:laya-al00ep_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4A88E4-D37E-49CC-B4A4-86CBD030131E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A54AE-DC30-429B-8FB8-BE6EB933E685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l21a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF6A6123-2AC6-407F-8D1C-8A148889946E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A663ACC5-FC2D-4FD7-BA9E-55344E257D4A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l31a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "697FC0BE-4EE7-41B1-B19D-6BB1377C81A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l31a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "059598D5-E1FC-4727-A29C-5904FDFA4EA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l32a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE3288B-7A63-474E-9CF6-A78C74AA2049",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l32a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7704B5F-4164-477C-A528-2998092C81D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l32c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBA5685-AB27-4BB2-BF66-8DDEA4B25158",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95F935A0-E7B2-4281-8D36-EB19358061D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l42a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6983D6A-DE3C-43F5-B827-665F979E127D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l42a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C03D17FC-0921-41D2-B193-26163AEFE8F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-l42c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C067242F-C4BC-4EB2-86A5-FA508241C29D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-l42c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D10E950B-FDF6-4E22-9D88-60D0225466E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-tl10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24E8438F-9D3B-4565-AC01-AC4729B4C2A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-tl10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB8A667-95DE-4087-8418-49F5ACE194BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:leland-tl10c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A9BC1A3-62D9-4C51-A850-C44DC5A7DA61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:leland-tl10c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11CB58EA-972E-460F-95F4-5413E05DA04C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-al00c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5C8248-26DB-4423-A6C9-56788C9ED5CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-al00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD659D6-F838-4668-901A-0C17AB18E7C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-al10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D184ED2-0C47-41A5-9DDB-E0872249D080",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68BCAF57-9BF8-4EB0-B6FB-1B40737FFC9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-al10d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD41E18-2981-43FF-8FF5-41EE3775DC6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-al10d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F33CAF53-20C8-4AB2-B728-80B6F7B5FA2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-l22a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ADF3A6-9F52-4BFF-8FFB-E60E971AF98D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-l22a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "842AB2B6-2C7A-4681-ACB7-E642E5D9D76D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-l22c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D29D20-4F3B-4B6B-90AC-315652E47DDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-l22c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80D7FA39-2EE4-49F8-9EF4-009304DB6108",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:lelandp-l22d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A24E0E52-6C3B-4B4B-8F32-9467B9E56CB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:lelandp-l22d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A956F54-5B4B-4103-BA45-88F8FF7D9FD7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:london-al40ind_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EAB36F5-50CC-4A8C-94D3-F0E001BDEC7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:london-al40ind:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9452809-D19E-4B63-9B84-BBD8AB4485E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:madrid-al00a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA8110C-64B9-4346-9E46-44E87778EA2B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:madrid-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8B2A97-DA47-40C8-8DB5-1AE1A89559A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:madrid-tl00a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4137623C-6736-44C9-8446-22CE5DE10797",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:madrid-tl00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00EE1329-D545-43F2-8D14-CBA53F3F8EFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:neo-al00d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65161544-ACCE-4281-9B15-DD1A732A6218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:neo-al00d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B07FEC-514D-4A51-B26B-02254A867DC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-al00ic_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "368F7A8F-B0F4-4E5C-ADB2-5EB8D3F831C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-al00ic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "042B7861-608F-4F0C-BF5E-FF2455C9BE79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l21b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "632F1A63-66BE-43AF-A0FA-968D4728E2C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3765F0-677E-48FA-8A70-8F5A69660DC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l21meb_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0531C9-2B62-40E1-8F95-430BCD42BB34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "010590E4-2979-4AE3-9B94-7C1BC5CE0533",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l29b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AC2BEB-0A61-4C3A-8CA4-674E5FEDC859",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "143485B2-5216-4190-8306-63D12362F6AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:potter-al00c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF87777-1D49-4EC9-9F5F-22090F78AF11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:potter-al00c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34141B01-DA8B-4029-B275-395AC11C40C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:potter-al10a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4E204F-462B-4743-B87B-1CB4D4DE8D29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:potter-al10a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF01A3C-2E60-45B8-8D4E-58B5710FC40C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-al10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA8E4F26-E50C-4D06-A183-1BC9F1B9072F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F930E0-D32C-4D37-8A1D-78D4BFAECF37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-al10d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4571D5E3-E327-4C04-939E-66B5A9D0CC18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11E6B825-CA55-4BEC-8279-3F33F7CC93EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-tl10c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E996FA3-91E7-42EF-A73F-6948A855F886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-tl10c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35F6A54F-E004-4BE7-A6A6-3E7C300DC498",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-al00_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4118EE5-084A-4DA3-B8D4-6EAC2729A2C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66A35E71-4D6A-494D-882B-987CE16E3467",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l21_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6049D750-284C-4A03-95B6-1A7A0CC21BD1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949EB56-D8A6-4D5C-98B4-3FF056536BF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l21br_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF481690-3033-466D-966D-C9F65E6212A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD953016-2468-40BD-8383-9105BA297C26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l22_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5D16B5-6AC5-455D-AFD7-7E01E37DC5EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40DAF023-9D20-4262-B5BE-F3C61906C9BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l22br_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0FE590-B043-4E4D-BC72-C0163ACDC194",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0C17CF-D4AA-460E-815F-32FB5C8702A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-tl00_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5072B124-1290-417C-ADEB-F39C294F23A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-tl00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4A324E-CF87-4C79-B42A-F5B3B7CEFE6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-al00_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58742692-675E-4546-AB6F-8E57ECBA7C09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF9295B5-8194-4AE9-91B3-5AD3C79FB9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l01_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DDCF56-3362-4DCD-9C7C-7D87D0F5A75D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l03_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F3A6D05-7BC6-4FCF-BAAF-53B13008F783",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAAB87A0-CF6A-4219-973C-EFEE5A4C6657",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l21_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "283A05FB-8A2D-4675-870A-A804B7161941",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE69226-79D4-4CB9-8E81-BC82A8A98095",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l22_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5349FCB9-93CB-4945-96EA-89CBE613082D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D9B914-5EDF-46A5-992B-EBD49191EC4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l23_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5E0EB1-5CBC-420F-8F3D-43C309C75A0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE752CEC-D5BA-4C59-A2F1-9D13B3B8A6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tony-al00b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58B13F37-2D12-490A-9757-2B1EDE00FB97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E14B978-2A3C-4F55-8E3A-BA41AB137C33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tony-tl00b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F488BE9A-5B94-4D3B-9512-9BB8DA5E0391",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF11E947-FCDE-4EFD-A14D-5C2BD7BC5A56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-al00a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DA51C4-E32B-4EE5-9702-339789D62213",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "562D05D2-CC9E-4973-9E8D-B40C0ED6C721",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-al50a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7927B88C-7CDC-45E7-A80F-B192C0AE13ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-al50a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77360A45-7501-4243-812A-D8C3403D1F03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7B42EC-D142-4B36-BDFE-8091BB06B017",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l61c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4168BC18-420C-42A8-B662-78D2500A4D89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l61c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C273A8B6-E86E-4E1B-8EEC-A84837B297F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-tl00b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88A0C1C5-2870-4187-B899-1334572B7F87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4177D27-D234-4BBF-A4D9-1C0DCE5B322C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yalep-al10b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D2E47E-4A03-49DD-894D-35173EC98A56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D81385-913B-4A38-A712-41CAE7B78DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2287FD-97E0-4A11-B650-0C292A916650",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96479E8-2B4F-4149-B61B-79ECD0524A01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:imanager_neteco_6000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3D22C1-B967-4AAD-AEE8-7357F1AF4C3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:imanager_neteco_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8CFC69-D6E8-4163-AE0F-B85693F2555D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7087288-2C19-4DDA-A0CD-419683391002",
"versionEndExcluding": "9.1.0.306\\(c185e2r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "126D381D-C88E-4404-9142-10002B2EB99E",
"versionEndExcluding": "9.1.0.306\\(c432e4r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25595943-0ED9-4CF7-99AF-373C96E9FD12",
"versionEndExcluding": "9.1.0.306\\(c636e2r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5F5DEE-631C-45B2-BEC7-CDE64F0F2077",
"versionEndExcluding": "9.1.0.307\\(c635e4r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BB64041-1B61-490E-BA4D-08F9B178CD7D",
"versionEndExcluding": "9.1.0.350\\(c10e3r1p14t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA96859C-81F6-4227-B228-BF6C82451A1B",
"versionEndExcluding": "9.1.0.350\\(c636e4r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60FA31C3-4B67-40F9-9E39-92F7E25F50A0",
"versionEndExcluding": "9.1.0.325\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54983533-DFE0-4572-B95B-2F59247D5D28",
"versionEndExcluding": "9.1.0.325\\(c636e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AD911F9-31B9-4DE3-BC78-F40E4C6F1904",
"versionEndExcluding": "9.1.0.328\\(c432e5r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "510223BA-A1EC-4408-AA5B-8BD93A6C39BF",
"versionEndExcluding": "9.1.0.328\\(c782e10r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2B4309-0AA2-49A5-A103-0FD0CC893E04",
"versionEndExcluding": "9.1.0.350\\(c185e3r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77C9A1A-0B19-4976-8070-E3D79124C466",
"versionEndExcluding": "9.1.0.350\\(c461e3r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1177D77-6C80-4FAA-8AC0-AA9A0B0FA9D7",
"versionEndExcluding": "9.1.0.350\\(c636e3r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74E0E881-4011-4D0E-BDE2-7FC6B0E2E28A",
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9DF73A-C61A-4043-A4D4-61A544B41E0A",
"versionEndExcluding": "9.1.0.341\\(c185e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D10206F8-D91D-4AB0-93F3-F39740DA707F",
"versionEndExcluding": "9.1.0.342\\(c461e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8360DEA6-D200-4C43-B82C-A7BF86E31B9F",
"versionEndExcluding": "9.1.0.347\\(c432e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9356FA3A-1DCE-4382-BDE5-B6FBBD294352",
"versionEndExcluding": "9.1.0.311\\(c461e2r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49A47A99-E952-4EA6-82EF-0C0099F086CF",
"versionEndExcluding": "9.1.0.325\\(c185e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF430412-8A6C-4E8C-8904-D8FA39A9E36A",
"versionEndExcluding": "9.1.0.325\\(c636e7r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7057F392-1D2F-4B69-9500-4D4BA20EC3FA",
"versionEndExcluding": "9.1.0.326\\(c635e2r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "392B15A3-61D7-4FE1-A514-5D0B2F7E9A11",
"versionEndExcluding": "9.1.0.328\\(c432e7r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65F6CFE8-5071-4419-9E30-1748692EE236",
"versionEndExcluding": "9.1.0.122\\(c09e7r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB72B761-E0C1-4728-AB85-2A833420DEB8",
"versionEndExcluding": "9.1.0.137\\(c33e8r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1364E52C-AD75-4778-AC90-E9ADC243B507",
"versionEndExcluding": "9.1.0.137\\(c530e8r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A33ED9A6-9818-4EE9-A22F-750B852789C1",
"versionEndExcluding": "9.1.0.158\\(c432e8r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E19C3F4-998D-43C1-B371-CFECBAB5AF31",
"versionEndExcluding": "9.1.0.165\\(c10e8r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F291A39-6603-4619-BB18-B1A4C48F945A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10C0DC76-8986-449D-B098-2EB7CA4228BB",
"versionEndExcluding": "9.1.0.150\\(c432e6r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CD5EEC-DA40-4B35-A2CD-6F48147F0810",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A950FF3A-8934-4788-AAF1-28C139EFEA63",
"versionEndExcluding": "9.1.0.149\\(c675e8r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55571AAC-B8B2-48D0-8486-BB2992A39568",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A12E685-F91D-4C04-82C5-61A9BA317A42",
"versionEndExcluding": "9.1.0.154\\(c185e2r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDADE368-D2EB-4DA9-A32E-9DE30BEE927D",
"versionEndExcluding": "9.1.0.154\\(c432e2r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E341C6A4-BA77-4002-BC06-475ABFFEBFFB",
"versionEndExcluding": "9.1.0.154\\(c636e2r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81C06F1A-9DAF-41EC-93D1-F61CD36D3471",
"versionEndExcluding": "9.1.0.155\\(c10e2r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E688C7-4152-446F-AFBD-710622835A48",
"versionEndExcluding": "9.1.0.170\\(c185e2r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4403D2-BAA4-4392-A453-5F1B28E8FA4F",
"versionEndExcluding": "9.1.0.170\\(c636e2r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CF3193-1EB6-4792-BD23-3C1C243A3E3B",
"versionEndExcluding": "9.1.0.171\\(c10e2r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FCD8C1-C635-4806-839E-14DC0CB3B4E2",
"versionEndExcluding": "9.1.0.172\\(c432e2r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."
},
{
"lang": "es",
"value": "La especificaci\u00f3n de Bluetooth BR/EDR incluyendo versi\u00f3n 5.1, permite una longitud de clave de cifrado suficientemente baja y no impide que un atacante influya en la negociaci\u00f3n de longitud de clave. Esto permite ataques pr\u00e1cticos de fuerza bruta (tambi\u00e9n se conoce como \"KNOB\") que pueden descifrar el tr\u00e1fico e inyectar texto cifrado arbitrario sin que la v\u00edctima se d\u00e9 cuenta."
}
],
"id": "CVE-2019-9506",
"lastModified": "2024-11-21T04:51:45.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7,
"source": "cret@cert.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-14T17:15:11.597",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-17 23:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CFEFFE4-9C9D-42BD-A183-338606D53ACC",
"versionEndExcluding": "10.1.0.123\\(c432e19r2p5patch02\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC534873-48EE-4C7F-A27E-DB70BA3FD5D0",
"versionEndExcluding": "10.1.0.126\\(c10e11r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution."
},
{
"lang": "es",
"value": "Los tel\u00e9fonos inteligentes HUAWEI P30 Pro con versiones anteriores a 10.1.0.123(C432E19R2P5patch02), versiones anteriores a 10.1.0.126(C10E11R5P1) y versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de desbordamiento del b\u00fafer. El software accede a los datos m\u00e1s all\u00e1 del final o antes del comienzo del b\u00fafer previsto cuando maneja determinadas operaciones de certificado, el atacante debe enga\u00f1ar al usuario para que instale una aplicaci\u00f3n maliciosa, una explotaci\u00f3n con \u00e9xito puede causar una ejecuci\u00f3n de c\u00f3digo"
}
],
"id": "CVE-2020-9257",
"lastModified": "2024-11-21T05:40:17.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-17T23:15:11.757",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-29 20:15
Modified
2024-11-21 04:44
Severity ?
Summary
P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | mate_20_firmware | * | |
| huawei | mate_20 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD7015-D62E-41DB-A19B-AF74689761E1",
"versionEndExcluding": "elle-al00b_9.1.0.193\\(c00e190r1p21\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A40DE867-C2EC-4330-AE41-1F587DE5F715",
"versionEndExcluding": "hima-al00b_9.1.0.135\\(c00e200r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94C7C746-665F-492B-B0CB-F9DA7CEDF907",
"versionEndExcluding": "vogue-al00a_9.1.0.193\\(c00e190r1p12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution."
},
{
"lang": "es",
"value": "Los tel\u00e9fonos inteligentes P30, Mate 20, P30 Pro con software de versiones anteriores a ELLE-AL00B 9.1.0.193(C00E190R1P21), versiones anteriores a Hima-AL00B 9.1.0.135(C00E200R2P1), versiones anteriores a VOGUE-AL00A 9.1.0.193(C00E190R1P12), presentan varias vulnerabilidades de desbordamiento de b\u00fafer, el sistema no comprueba apropiadamente cierto par\u00e1metro de longitud que una aplicaci\u00f3n transporta al kernel. Un atacante enga\u00f1a al usuario para instalar una aplicaci\u00f3n maliciosa, una explotaci\u00f3n con \u00e9xito podr\u00eda causar una ejecuci\u00f3n de c\u00f3digo malicioso."
}
],
"id": "CVE-2019-5225",
"lastModified": "2024-11-21T04:44:33.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-29T20:15:11.753",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-12 23:15
Modified
2024-11-21 04:44
Severity ?
Summary
Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | honor_v20_firmware | * | |
| huawei | honor_v20 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD7015-D62E-41DB-A19B-AF74689761E1",
"versionEndExcluding": "elle-al00b_9.1.0.193\\(c00e190r1p21\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94C7C746-665F-492B-B0CB-F9DA7CEDF907",
"versionEndExcluding": "vogue-al00a_9.1.0.193\\(c00e190r1p12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB61728E-3EBB-4C72-8669-5177291B7538",
"versionEndExcluding": "princeton-al10b_9.1.0.233\\(c00e233r4p3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF332D5-0799-487A-970B-E0FB7435207D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution."
},
{
"lang": "es",
"value": "Ciertos m\u00f3dulos de detecci\u00f3n de tel\u00e9fonos inteligentes P30, P30 Pro, Honor V20 con versiones anteriores a ELLE-AL00B 9.1.0.193(C00E190R1P21), versiones anteriores a VOGUE-AL00A 9.1.0.193(C00E190R1P12), versiones anteriores a Princeton-AL10B 9.1.0.233(C00E233R4P3), presentan una vulnerabilidad de condici\u00f3n de carrera. El sistema no bloquea determinadas funciones apropiadamente, cuando la funci\u00f3n es invocada por m\u00faltiples procesos podr\u00eda causar una escritura fuera del l\u00edmite. Un atacante enga\u00f1a al usuario para que instale una aplicaci\u00f3n maliciosa, una explotaci\u00f3n con \u00e9xito podr\u00eda causar una ejecuci\u00f3n de c\u00f3digo malicioso."
}
],
"id": "CVE-2019-5228",
"lastModified": "2024-11-21T04:44:33.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-12T23:15:10.223",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | mate_20_firmware | * | |
| huawei | mate_20 | - | |
| huawei | mate_20_firmware | * | |
| huawei | mate_20 | - | |
| huawei | mate_20_x_firmware | * | |
| huawei | mate_20_x | - | |
| huawei | mate_20_x_firmware | * | |
| huawei | mate_20_x | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | laya-al00ep_firmware | * | |
| huawei | laya-al00ep | - | |
| huawei | tony-al00b_firmware | * | |
| huawei | tony-al00b | - | |
| huawei | tony-tl00b_firmware | * | |
| huawei | tony-tl00b | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "165A8717-DD86-4BC0-AB3C-BD7F92DF68CD",
"versionEndExcluding": "10.1.0.160\\(c00e160r3p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2B578A-E6CE-413D-890B-20AC7EAEE59C",
"versionEndExcluding": "10.1.0.160\\(c01e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73419613-9F87-4E99-9A8D-D8B6B74F882D",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "053881ED-D75B-4F53-AA58-3007A3769D1C",
"versionEndExcluding": "10.1.0.160\\(c01e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:laya-al00ep_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBD1414-620B-4367-BF57-9AED468EA81C",
"versionEndExcluding": "10.1.0.160\\(c786e160r3p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A54AE-DC30-429B-8FB8-BE6EB933E685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE2094-71C2-4C64-860E-67DE745110AD",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E14B978-2A3C-4F55-8E3A-BA41AB137C33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tony-tl00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2ACEC45-4B76-4AFC-BAD3-DA642A05CF30",
"versionEndExcluding": "10.1.0.160\\(c01e160r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF11E947-FCDE-4EFD-A14D-5C2BD7BC5A56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim\u0027s smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11)."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en varios tel\u00e9fonos inteligentes.\u0026#xa0;El dispositivo no comprueba suficientemente la identidad del dispositivo port\u00e1til inteligente en determinado escenario espec\u00edfico, el atacante necesita obtener determinada informaci\u00f3n en el tel\u00e9fono inteligente de la v\u00edctima para iniciar el ataque, y una explotaci\u00f3n con \u00e9xito podr\u00eda causar una divulgaci\u00f3n de informaci\u00f3n. Las versiones del producto afectadas incluyen: HUAWEI Mate 20 versiones anteriores a 10.1.0.160(C00E160R3P8), versiones anteriores a 10.1.0.160(C01E160R2P8); HUAWEI Mate 20 X versiones anteriores a 10.1.0.160(C00E160R2P8), versiones anteriores a 10.1.0.160(C01E160R2P8); Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8); Laya-AL00EP versiones anteriores a 10.1.0.160(C786E160R3P8); Tony-AL00B versiones anteriores a 10.1.0.160(C00E160R2P11); Tony-TL00B versiones anteriores a 10.1.0.160(C01E160R2P11)"
}
],
"id": "CVE-2020-9109",
"lastModified": "2024-11-21T05:40:03.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-12T14:15:14.340",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-21 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service."
},
{
"lang": "es",
"value": "El tel\u00e9fono inteligente HUAWEI P30 Pro con versiones anteriores a 10.1.0.160(C00E160R2P8), presenta una vulnerabilidad de desbordamiento de enteros. Algunas funciones carecen de comprobaci\u00f3n cuando procesan algunos mensajes enviados desde otro m\u00f3dulo. Los atacantes pueden explotar esta vulnerabilidad mediante el env\u00edo de mensajes maliciosos que causen un desbordamiento de enteros. Esto puede comprometer el servicio normal."
}
],
"id": "CVE-2020-9095",
"lastModified": "2024-11-21T05:40:00.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-21T14:15:11.217",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-29 19:15
Modified
2024-11-21 04:44
Severity ?
Summary
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | mate_20_firmware | * | |
| huawei | mate_20 | - | |
| huawei | hisuite_firmware | * | |
| huawei | hisuite | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "685D05E1-BFE2-469D-AF24-B9B5175C2D3E",
"versionEndExcluding": "elle-al00b_9.1.0.193\\(c00e190r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1822A93-8ED2-4E74-8AE2-30176892F67B",
"versionEndExcluding": "vogue-al00a_9.1.0.193\\(c00e190r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7113FB5E-9B2A-4829-BB70-1067911BC880",
"versionEndExcluding": "hima-al00b_9.1.0.135\\(c00e133r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hisuite_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23B293EE-9920-42CB-AC07-17F004CFA501",
"versionEndExcluding": "9.1.0.305",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hisuite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5F20DB-9D2E-4357-89D4-62DC2A6E9F02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version."
},
{
"lang": "es",
"value": "Los tel\u00e9fonos inteligentes P30, P30 Pro, Mate 20 con software de versiones anteriores a ELLE-AL00B 9.1.0.193(C00E190R2P1), versiones anteriores a VOGUE-AL00A 9.1.0.193(C00E190R2P1), versiones anteriores a Hima-AL00B 9.1.0.135 (C00E133R2P1) y HiSuite con versiones anteriores a HiSuite 9.1.0.305, presentan una vulnerabilidad de degradaci\u00f3n de versi\u00f3n. El dispositivo y el software HiSuite no comprueban el paquete de actualizaci\u00f3n suficientemente, de modo que el sistema del tel\u00e9fono inteligente puede degradarse a una versi\u00f3n anterior."
}
],
"id": "CVE-2019-5226",
"lastModified": "2024-11-21T04:44:33.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-29T19:15:12.057",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-10 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17DCDDE2-A0F8-451D-8B92-029EAD61A6D2",
"versionEndExcluding": "10.1.0.123\\(c432e22r2p5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function\u0027s default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure."
},
{
"lang": "es",
"value": "Los tel\u00e9fonos inteligentes HUAWEI P30 y HUAWEI P30 Pro con versiones anteriores a 10.1.0.123(C432E22R2P5) y versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n. La configuraci\u00f3n predeterminada de ciertas funciones de WI-FI en el sistema parece no segura, un atacante puede dise\u00f1ar un punto de acceso (hotspot) WI-FI para iniciar el ataque. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2020-9260",
"lastModified": "2024-11-21T05:40:17.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-10T14:15:10.733",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-04 19:29
Modified
2024-11-21 04:44
Severity ?
Summary
Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107)
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B148AF2F-F662-4CFA-852F-38EFC80D4D67",
"versionEndExcluding": "ele-al00_9.1.0.162",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FCA8B7D-7D85-4A6D-BECE-4BFA896A294D",
"versionEndExcluding": "vog-al00_9.1.0.162",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107)"
},
{
"lang": "es",
"value": "Algunos dispositivos Huawei 4G LTE, versiones P30 anteriores a ELE-AL00 9.1.0.162 (C01E160R1P12 / C01E160R2P1) y versiones P30 Pro anteriores a VOG-AL00 9.1.0.162 (C01E160R1P12 / C01E160R2P1), est\u00e1n expuestos a una repetici\u00f3n del mensaje. Por el bien de una mejor compatibilidad, estos dispositivos implementan una verificaci\u00f3n menos estricta del n\u00famero de secuencia de mensaje (SN) de NAS, espec\u00edficamente el NAS COUNT. Como resultado, un atacante puede construir una estaci\u00f3n base maliciosa y reproducir el mensaje de comando de reasignaci\u00f3n de GUTI en ciertas condiciones para manipular las GUTI, o reproducir el mensaje de solicitud de identidad para obtener IMSI. (ID de vulnerabilidad: HWPSIRT-2019-04107)"
}
],
"id": "CVE-2019-5307",
"lastModified": "2024-11-21T04:44:43.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T19:29:00.727",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62637079-D8B3-4D71-8686-250C289C2957",
"versionEndExcluding": "10.1.0.160\\(c01e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution."
},
{
"lang": "es",
"value": "Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8) y versiones anteriores a 10.1.0.160(C01E160R2P8), presentan una vulnerabilidad de desbordamiento del b\u00fafer.\u0026#xa0;Un atacante induce a usuarios a instalar aplicaciones maliciosas y enviar paquetes especialmente construidos hacia los dispositivos afectados despu\u00e9s de obtener el permiso root.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito puede causar una ejecuci\u00f3n de c\u00f3digo"
}
],
"id": "CVE-2020-9123",
"lastModified": "2024-11-21T05:40:05.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-12T14:15:14.433",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-13 15:15
Modified
2024-11-21 04:52
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B578E383-0D77-4AC7-9C81-3F0B8C18E033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75056A1A-9008-4A43-989D-5E5899A3994F",
"versionEndExcluding": "10.0.0.195\\(c00e74r3p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AAFCC24-8ADA-427B-84FE-1030AC3DE54D",
"versionEndExcluding": "10.0.0.196\\(c185e7r2p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9682CC9-50CA-45FB-ACE7-20F1D097FE00",
"versionEndExcluding": "10.0.0.195\\(c00e74r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p_smart_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28978C4-E7E5-4414-B442-92A4B533BB42",
"versionEndExcluding": "9.1.0.193\\(c605e6r1p5t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p_smart:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C4DE1A-ACBD-4DCA-8BAD-23AE6DF4025B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p_smart_2019_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E07EC714-4635-446B-87C7-CC5EE610B175",
"versionEndExcluding": "10.0.0.180\\(c185e3r4p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p_smart_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B141C85-AFD2-4D7C-8B72-A065B3C905F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22D5DBA0-EA94-4752-985C-DA7D555D7854",
"versionEndExcluding": "10.0.0.162\\(c00e156r1p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7492911B-4242-4947-9DED-9F48FC0875CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "138A6DBD-D3E3-47F8-ADF9-9ABD5C8AD397",
"versionEndExcluding": "10.0.0.162\\(c00e156r1p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B315FBC-8BF9-4256-80F9-63EFF0806BEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8897DB-732C-4B72-8A5C-F726805EFFB3",
"versionEndExcluding": "10.0.0.190\\(c432e22r2p5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67F3CF79-07A3-476D-B30B-90E1852E48CD",
"versionEndExcluding": "10.0.0.195\\(c00e85r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y6_2019_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD39CEB3-C282-4988-A642-58E41C8DDDED",
"versionEndExcluding": "9.1.0.290\\(c185e5r4p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y6_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E7053C3-4EB2-438E-9544-41ACF7A91057",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y6_pro_2019_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0C0A35-FBB5-4492-BA94-4ADB1CE29C5E",
"versionEndExcluding": "9.1.0.290\\(c636e5r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y6_pro_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B1F9660-41E0-4536-8032-57AD3E844A94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C331EF-4B78-4ECB-A99E-33FDE093ABEB",
"versionEndExcluding": "9.1.0.264\\(c185e2r5p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F48ABE15-BC87-4B02-8B39-94DA1DC96B92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F27CB3A-F773-48FB-9CAE-20FC93273D21",
"versionEndExcluding": "9.1.0.338\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF68FFB0-01F8-4937-8BF4-36866F02E9A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_lite_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0938EC8C-17BB-48DE-A477-770948A20696",
"versionEndExcluding": "9.1.0.322\\(c635e8r2p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEA4B63-97F3-4BAB-B96E-4C36D9B0FDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_8a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2128BDE5-AE3B-427E-8A25-F3065850206A",
"versionEndExcluding": "9.1.0.291\\(c185e3r4p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_8a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E19C33-F393-4E0C-9AA7-461AF50EDF7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "174DF865-A0F6-49DE-A465-9BA68799480A",
"versionEndExcluding": "10.0.0.183\\(c185e2r6p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7635502-0FD1-464E-8C64-1E8FF6235495",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA8F4F9C-B02E-4C43-B4C4-485E2E38D3B0",
"versionEndExcluding": "10.0.0.195\\(c636e3r4p3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D0ECA4E-CAFE-4637-95DC-B201B9549FC0",
"versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "488781A7-935E-4DD6-AD9D-A058067E10AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F108CFD3-6A5F-40DE-A042-4528C43317D7",
"versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40B08C1D-444B-4C8B-B7F9-60CA9B2A8D50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_30_pro_5g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD56816C-6906-42DA-9BD3-70810C3BF658",
"versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_30_pro_5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D6F9EF-ECC4-43BC-8AF4-BBAAF0F6940B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_30_5g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20D00959-B094-47B9-868B-21E905EF4401",
"versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_30_5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4BEDDB-BDB9-4172-8B3E-6013AFDD8928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715"
},
{
"lang": "es",
"value": "En la funci\u00f3n reassemble_and_dispatch del archivo packet_fragmenter.cc, es posible una escritura fuera de l\u00edmites debido a un c\u00e1lculo de l\u00edmites incorrecto. Esto podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo remota por medio del Bluetooth sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es necesaria una interacci\u00f3n del usuario para su explotaci\u00f3n. Producto: Android, Versiones: Android-8.0 Android-8.1 Android-9 Android-10, ID de Android: A-143894715."
}
],
"id": "CVE-2020-0022",
"lastModified": "2024-11-21T04:52:45.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2020-02-13T15:15:11.780",
"references": [
{
"source": "security@android.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html"
},
{
"source": "security@android.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Feb/10"
},
{
"source": "security@android.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en"
},
{
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2020-02-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Feb/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2020-02-01"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-682"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-682"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-27 20:15
Modified
2024-11-21 04:44
Severity ?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6645904-D2CA-4E35-BA98-DD5F3CAB3E96",
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA2B2F1-3D58-4DC7-AB7A-28BF8B282333",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6184CF-9037-4099-AD49-97D1BE85BBCA",
"versionEndExcluding": "9.1.0.300\\(c432e4r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34ACFA43-7B18-437C-91F8-07F7B265657B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:alp-l29_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFFC3AFA-18D3-4B66-8096-E2DB298E9012",
"versionEndExcluding": "9.1.0.315\\(c636e5r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:alp-l29:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316E46D1-B3CD-4783-A4CB-F68C215439F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C47EA7A-7F85-4BD3-A309-057D9EBC944A",
"versionEndExcluding": "9.1.0.321\\(c636e4r1p14t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1087EABB-4325-41EB-B09B-10F04A75C1C1",
"versionEndExcluding": "9.1.0.330\\(c432e6r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB13FD96-6FCC-4CE8-9E57-530B294A192C",
"versionEndExcluding": "9.1.0.302\\(c635e4r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551386D1-3D02-4319-B2A2-1AAE80F7F249",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB7A23D-805E-4DA1-AA7D-89A045BB47FD",
"versionEndExcluding": "9.1.0.333\\(c00e333r2p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C219B9CA-00AE-4B6B-A1BE-63AF154F1E50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BB64041-1B61-490E-BA4D-08F9B178CD7D",
"versionEndExcluding": "9.1.0.350\\(c10e3r1p14t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "865F26AC-8EA6-4003-953C-1FF933AC2A25",
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA96859C-81F6-4227-B228-BF6C82451A1B",
"versionEndExcluding": "9.1.0.350\\(c636e4r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51593F-70AE-47F6-AFE5-02693181E599",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5700C010-5655-4421-AA6B-44DDA28E0E29",
"versionEndExcluding": "9.1.0.311\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC428982-90AF-4232-918C-BB8D5608927A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EC9940-713C-4400-9EB0-23CDEF5E5CD0",
"versionEndExcluding": "9.1.0.345\\(c432e8r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC428982-90AF-4232-918C-BB8D5608927A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60FA31C3-4B67-40F9-9E39-92F7E25F50A0",
"versionEndExcluding": "9.1.0.325\\(c185e4r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F965BA36-4F41-485C-A7F0-95071BD356C8",
"versionEndExcluding": "9.1.0.335\\(c636e3r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B2253BA-D36C-4760-95C7-330C5BBE9B47",
"versionEndExcluding": "9.1.0.345\\(c432e8r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC23449-4B1B-4FF2-AD65-1077C64B19E1",
"versionEndExcluding": "9.1.0.336\\(c605e3r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE2E639-BCE9-4AD2-B10D-C93CE7F7BA4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B37F0AE0-C461-4B70-B790-9606E2D27E0F",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F63CA2F-45B8-4DD3-81AE-8359929AE50B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77C9A1A-0B19-4976-8070-E3D79124C466",
"versionEndExcluding": "9.1.0.350\\(c461e3r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2B4309-0AA2-49A5-A103-0FD0CC893E04",
"versionEndExcluding": "9.1.0.350\\(c185e3r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7B01B2-E3BA-49CF-B651-85404988A481",
"versionEndExcluding": "9.1.0.350\\(c10e5r1p14t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74E0E881-4011-4D0E-BDE2-7FC6B0E2E28A",
"versionEndExcluding": "9.1.0.351\\(c432e5r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E07C41EF-6F24-4477-A32F-BEE404E4388E",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5193B7-6F3F-4249-BB74-62480893CAB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A20CF38-1A24-4C53-A8A9-D9F90CD3DEF5",
"versionEndExcluding": "9.1.0.328\\(c185e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C049681E-B4CE-4199-9B8A-55430F64E98E",
"versionEndExcluding": "9.1.0.328\\(c432e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7D1955-668A-4849-83A9-AD79F1AECE00",
"versionEndExcluding": "9.1.0.330\\(c461e1r1p9t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCE23A8-5556-47D3-94D5-3B838290E313",
"versionEndExcluding": "9.1.0.328\\(c636e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1554916-5994-4CAE-8101-CF01B199370C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F69B82AD-34E2-4ED6-AACD-355982232959",
"versionEndExcluding": "9.1.0.336\\(c605e4r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D91A6502-BDFF-45ED-A324-297E8B376AEF",
"versionEndExcluding": "9.1.0.311\\(c185e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l09c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7E1345-CAF2-4414-9C04-925AF467629B",
"versionEndExcluding": "9.1.0.345\\(c432e10r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l09c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8CFD3F-D454-4E8E-A6BE-E36ED1929DAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D691689C-4EA7-4C2B-82FF-EBF7E1914C2B",
"versionEndExcluding": "9.1.0.311\\(c605e2r1p12t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1ED8852-7D46-493C-9A4B-0D267C4AF7A9",
"versionEndExcluding": "9.1.0.311\\(c636e7r1p13t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD58E3B6-C4C5-4114-87A8-AA8BBBED1014",
"versionEndExcluding": "9.1.0.311\\(c432e7r1p11t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E46E7C-762A-42EF-8FFF-C958855BC69C",
"versionEndExcluding": "9.1.0.311\\(c185e3r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB4EC14-14DE-4AAF-A951-071B4E39270A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5384ACB4-5D30-4E01-8F54-F896C6027EFC",
"versionEndExcluding": "9.1.0.310\\(c636e3r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB4EC14-14DE-4AAF-A951-071B4E39270A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B4C2C1A-4CC6-4706-8BCF-26C013FB75F2",
"versionEndExcluding": "9.1.0.310\\(c432e3r1p12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB4EC14-14DE-4AAF-A951-071B4E39270A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "242DFB51-97EC-4190-A6FA-EF748BA007FE",
"versionEndExcluding": "9.1.0.131\\(c00e131r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EAE5CB4-FBF2-4570-9419-E7F1C11771FD",
"versionEndExcluding": "9.1.0.310\\(c185e10r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26909FF8-9B5D-4AF8-A811-3ECB5AE5F0AC",
"versionEndExcluding": "9.1.0.135\\(c786e133r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99DD3EC3-7E9B-4904-8317-C3528D1CAFEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F891A4-1B1B-4B8B-B160-9279BC9F1F1D",
"versionEndExcluding": "9.1.0.135\\(c00e133r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B05287-637D-4BCD-A153-54C4E2D5328D",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7492911B-4242-4947-9DED-9F48FC0875CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D54686F0-EECF-4E50-B5C0-BB940D4FC533",
"versionEndExcluding": "9.1.0.333\\(c00e333r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B315FBC-8BF9-4256-80F9-63EFF0806BEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24F40E10-DBB7-4A3F-8AC7-CFA0255F0938",
"versionEndExcluding": "9.1.0.193",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC306039-7878-426F-821D-306001CA3E92",
"versionEndExcluding": "9.1.0.186\\(c00e180r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AEA14A-FD7D-42FD-BED2-C88E5FBE2E17",
"versionEndExcluding": "9.1.0.220\\(c605e3r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F48ABE15-BC87-4B02-8B39-94DA1DC96B92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nova_lite_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1532C2F4-2A09-45F8-9290-7F9211DAF5DD",
"versionEndExcluding": "9.1.0.305\\(c635e8r2p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEA4B63-97F3-4BAB-B96E-4C36D9B0FDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_10_lite_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4FAF6E-6457-482C-B93E-DB2F782A2232",
"versionEndExcluding": "9.1.0.283\\(c605e8r2p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "033EDED3-AF7B-40D7-A467-E3AAAFB88AE4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B76E03E9-CC25-4B3D-A236-71F132DFF08F",
"versionEndExcluding": "9.1.0.221\\(c461e2r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7635502-0FD1-464E-8C64-1E8FF6235495",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5ED827-6CFC-4D8A-863F-B5BC2574833A",
"versionEndExcluding": "9.1.0.238\\(c432e1r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:jackman-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07F21804-A0B9-48C5-A5E8-144FC3F1476F",
"versionEndExcluding": "9.1.0.247\\(c636e2r4p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:jackman-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B99E236E-D36C-4FE9-93C2-10D01A3A7390",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l21b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B99A82F1-6AC5-49A9-BBD6-84021EE314AB",
"versionEndExcluding": "9.1.0.331\\(c432e1r1p2t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3765F0-677E-48FA-8A70-8F5A69660DC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l21meb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F496B865-29EC-40FD-80E7-4743DD9B63F3",
"versionEndExcluding": "9.1.0.331\\(c185e4r1p3t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "010590E4-2979-4AE3-9B94-7C1BC5CE0533",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:paris-l29b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA05B35-9F89-4048-A533-C940AC64164A",
"versionEndExcluding": "9.1.0.331\\(c636e1r1p3t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "143485B2-5216-4190-8306-63D12362F6AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-al00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE6D5B81-ED8D-41C1-88DD-9FD23EBD1ABE",
"versionEndExcluding": "9.1.0.212\\(c00e62r1p7t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66A35E71-4D6A-494D-882B-987CE16E3467",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE088454-B444-4A45-B7FF-498354EBACBD",
"versionEndExcluding": "9.1.0.215\\(c432e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949EB56-D8A6-4D5C-98B4-3FF056536BF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E3BA431-B89F-4DAC-80DD-2DD278D6FE2B",
"versionEndExcluding": "9.1.0.213\\(c185e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C949EB56-D8A6-4D5C-98B4-3FF056536BF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l21br_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1689E3E-37B9-4EDC-A583-BCB3A7D78EA1",
"versionEndExcluding": "9.1.0.213\\(c185e1r1p2t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD953016-2468-40BD-8383-9105BA297C26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F41F75B-B181-4B2A-8331-64D77A795FA2",
"versionEndExcluding": "9.1.0.258\\(c636e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40DAF023-9D20-4262-B5BE-F3C61906C9BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydney-l22br_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EACD275C-05DB-4E79-86B7-18892C66ACD6",
"versionEndExcluding": "9.1.0.258\\(c636e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0C17CF-D4AA-460E-815F-32FB5C8702A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-al00_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF59B4B4-E0F6-43F4-9DC8-6330D8E54957",
"versionEndExcluding": "9.1.0.228\\(c00e78r1p7t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF9295B5-8194-4AE9-91B3-5AD3C79FB9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA53F55-8938-4DA9-B41A-D7E430D2A16F",
"versionEndExcluding": "9.1.0.215\\(c782e2r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "098FDD61-E3C6-4A7B-8EC7-9F4F847F2D85",
"versionEndExcluding": "9.1.0.213\\(c185e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB62B7A4-3FE5-4BBF-A63B-B8BA55689532",
"versionEndExcluding": "9.1.0.270\\(c432e3r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD8A442-CE31-4C9B-8474-CE0D1D18A4CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l03_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D84E8681-137D-497C-A4E9-7A9518519669",
"versionEndExcluding": "9.1.0.217\\(c605e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAAB87A0-CF6A-4219-973C-EFEE5A4C6657",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73849B9E-BD8E-46A9-9D79-41210455C02B",
"versionEndExcluding": "9.1.0.221\\(c461e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE69226-79D4-4CB9-8E81-BC82A8A98095",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06D9B4FD-5C40-4824-A64F-BD324E87D5AD",
"versionEndExcluding": "9.1.0.215\\(c432e4r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE69226-79D4-4CB9-8E81-BC82A8A98095",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C93CDC1-1F31-44A2-AFE8-3744121F7BB8",
"versionEndExcluding": "9.1.0.259\\(c185e1r1p2t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D9B914-5EDF-46A5-992B-EBD49191EC4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41406787-C8CD-426A-9F5B-E2D99430BD10",
"versionEndExcluding": "9.1.0.220\\(c635e1r1p2t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D9B914-5EDF-46A5-992B-EBD49191EC4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l22_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D745CD0-C26D-4E73-9BFA-68E0C11E5E64",
"versionEndExcluding": "9.1.0.216\\(c569e1r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D9B914-5EDF-46A5-992B-EBD49191EC4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:sydneym-l23_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28BB1F95-8AB3-46EA-8509-A48B8FEC51CD",
"versionEndExcluding": "9.1.0.226\\(c605e2r1p1t8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE752CEC-D5BA-4C59-A2F1-9D13B3B8A6D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "782EE52E-D3F2-4DAA-886D-82C04BAB405F",
"versionEndExcluding": "9.1.0.154\\(c432e2r3p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BAB5A99-C9EC-479C-9FD9-B444DA0C3E7E",
"versionEndExcluding": "9.1.0.154\\(c461e2r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D99D9D-6569-44B3-B437-6E26D70427E9",
"versionEndExcluding": "9.1.0.154\\(c636e2r2p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF22C4E0-04AD-4E29-AE33-683DB15B9999",
"versionEndExcluding": "9.1.0.152\\(c00e150r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55571AAC-B8B2-48D0-8486-BB2992A39568",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_magic2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE504AB8-68B4-4C72-A5B5-1127487CA3B0",
"versionEndExcluding": "10.0.0.187",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_magic2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86489593-F6E2-480E-9381-540FA4256A84",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302DF5FB-66EA-461B-8AD8-46ED1A915C4E",
"versionEndExcluding": "9.1.0.234\\(c00e234r4p3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF332D5-0799-487A-970B-E0FB7435207D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
},
{
"lang": "es",
"value": "Hay dos vulnerabilidades de denegaci\u00f3n de servicio en algunos tel\u00e9fonos inteligentes Huawei. Un atacante puede enviar mensajes TD-SCDMA especialmente dise\u00f1ados desde una estaci\u00f3n base no autorizada a los dispositivos afectados. Debido a una comprobaci\u00f3n insuficiente de entrada de dos valores al analizar los mensajes, una explotaci\u00f3n con \u00e9xito puede causar un dispositivo anormal. Esta es 1 de 2 vulnerabilidades. Diferente a CVE-2020-5303. Los productos afectados y sus son: ALP-AL00B: anteriores a 9.1.0.333(C00E333R2P1T8) ALP-L09: anteriores a 9.1.0.300(C432E4R1P9T8) ALP-L29: anteriores a 9.1.0.315(C636E5R1P13T8) BLA-L29C: anteriores a 9.1.0.321(C636E4R1P14T8), anteriores a 9.1.0.330(C432E6R1P12T8), anteriores a 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: anteriores a 9.1.0.333(C00E333R2P1T8) Berkeley-L09: anteriores a 9.1.0.350(C10E3R1P14T8), anteriores a 9.1.0.351(C432E5R1P13T8), anteriores a 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: anteriores a 9.1.0.311(C185E4R1P11T8), anteriores a 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: anteriores a 9.1.0.325(C185E4R1P11T8), anteriores a 9.1.0.335(C636E3R1P13T8), anteriores a 9.1.0.345(C432E8R1P11T8), anteriores a 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: anteriores a 9.1.0.333(C00E333R1P1T8) Columbia-L29D: anteriores a 9.1.0.350(C461E3R1P11T8), anteriores a 9.1.0.350(C185E3R1P12T8), anteriores a 9.1.0.350(C10E5R1P14T8), anteriores a 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: anteriores a 9.1.0.333(C00E333R1P1T8) Cornell-L29A: anteriores a 9.1.0.328(C185E1R1P9T8), anteriores a 9.1.0.328(C432E1R1P9T8), anteriores a 9.1.0.330(C461E1R1P9T8), anteriores a 9.1.0.328(C636E2R1P12T8) Emily-L09C: anteriores a 9.1.0.336(C605E4R1P12T8), anteriores a 9.1.0.311(C185E2R1P12T8), anteriores a 9.1.0.345(C432E10R1P12T8) Emily-L29C: anteriores a 9.1.0.311(C605E2R1P12T8), anteriores a 9.1.0.311(C636E7R1P13T8), anteriores a 9.1.0.311(C432E7R1P11T8) Ever-L29B: anteriores a 9.1.0.311(C185E3R3P1), anteriores a 9.1.0.310(C636E3R2P1), anteriores a 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: anteriores a 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: anteriores a 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: anteriores a 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: anteriores a 9.1.0.135(C00E133R2P1) HUAWEI P20: anteriores a 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: anteriores a 9.1.0.333(C00E333R1P1T8) HUAWEI P30: anteriores a 9.1.0.193 HUAWEI P30 Pro: anteriores a 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: anteriores a 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: anteriores a 9.1.0.305(C635E8R2P2) Honor 10 Lite: anteriores a 9.1.0.283(C605E8R2P2) Honor 8X: anteriores a 9.1.0.221(C461E2R1P1T8) Honor View 20: anteriores a 9.1.0.238(C432E1R3P1) Jackman-L22: anteriores a 9.1.0.247(C636E2R4P1T8) Paris-L21B: anteriores a 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: anteriores a 9.1.0.331(C185E4R1P3T8) Paris-L29B: anteriores a 9.1.0.331(C636E1R1P3T8) Sydney-AL00: anteriores a 9.1.0.212(C00E62R1P7T8) Sydney-L21: anteriores a 9.1.0.215(C432E1R1P1T8), anteriores a 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: anteriores a 9.1.0.213(C185E1R1P2T8) Sydney-L22: anteriores a 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: anteriores a 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: anteriores a 9.1.0.228(C00E78R1P7T8) SydneyM-L01: anteriores a 9.1.0.215(C782E2R1P1T8), anteriores a 9.1.0.213(C185E1R1P1T8), anteriores a 9.1.0.270(C432E3R1P1T8) SydneyM-L03: anteriores a 9.1.0.217(C605E1R1P1T8) SydneyM-L21: anteriores a 9.1.0.221(C461E1R1P1T8), anteriores a 9.1.0.215(C432E4R1P1T8) SydneyM-L22: anteriores a 9.1.0.259(C185E1R1P2T8), anteriores a 9.1.0.220(C635E1R1P2T8), anteriores a 9.1.0.216(C569E1R1P1T8) SydneyM-L23: anteriores a 9.1.0.226(C605E2R1P1T8) Yale-L21A: anteriores a 9.1.0.154(C432E2R3P2), anteriores a 9.1.0.154(C461E2R2P1), anteriores a 9.1.0.154(C636E2R2P1) Honor 20: anteriores a 9.1.0.152(C00E150R5P1) Honor Magic2: anteriores a 10.0.0.187 Honor V20: anteriores a 9.1.0.234(C00E234R4P3)"
}
],
"id": "CVE-2019-5302",
"lastModified": "2024-11-21T04:44:42.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-27T20:15:12.337",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-27 10:15
Modified
2025-01-13 18:58
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE102A6B-1DA7-43CA-9C8E-DA7E3C7FF8C2",
"versionEndExcluding": "10.1.0.120\\(c431e19r2p5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00376EE7-FED1-400D-8546-D726CDDAC892",
"versionEndExcluding": "10.1.0.120\\(c432e19r2p5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC534873-48EE-4C7F-A27E-DB70BA3FD5D0",
"versionEndExcluding": "10.1.0.126\\(c10e11r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55B88481-4861-4840-B1B2-0E5DD37CC4A5",
"versionEndExcluding": "10.1.0.126\\(c461e11r3p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller\u0027s access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de informaci\u00f3n en los tel\u00e9fonos inteligentes Huawei. Se puede llamar a una funci\u00f3n de un m\u00f3dulo sin verificar el acceso del autor de la llamada. Los atacantes con acceso de usuario pueden aprovechar esta vulnerabilidad para obtener cierta informaci\u00f3n. Esto puede provocar una fuga de informaci\u00f3n. (ID de vulnerabilidad: HWPSIRT-2019-12141) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposici\u00f3n com\u00fan (CVE): CVE-2020-9089."
}
],
"id": "CVE-2020-9089",
"lastModified": "2025-01-13T18:58:56.063",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-27T10:15:13.487",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-09-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot."
},
{
"lang": "es",
"value": "Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de lectura y escritura fuera de l\u00edmites.\u0026#xa0;Un atacante no autenticado dise\u00f1a un mensaje malformado con un par\u00e1metro espec\u00edfico y env\u00eda el mensaje hacia los productos afectados.\u0026#xa0;Debido a una comprobaci\u00f3n insuficiente del mensaje, que puede ser explotado para causar el reinicio del proceso"
}
],
"id": "CVE-2020-9108",
"lastModified": "2024-11-21T05:40:03.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-12T14:15:14.293",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-07 13:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F274713-28DD-423D-9298-F0D05465D654",
"versionEndExcluding": "10.1.0.230\\(c432e9r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "165A8717-DD86-4BC0-AB3C-BD7F92DF68CD",
"versionEndExcluding": "10.1.0.160\\(c00e160r3p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE421D2-9633-43AA-8548-9F2E8A7B724A",
"versionEndExcluding": "10.1.0.270\\(c432e7r1p5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73419613-9F87-4E99-9A8D-D8B6B74F882D",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:9.1.0.272\\(c635e4r2p2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09F3E84F-6F0A-40BC-91D5-C08A065EE345",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "171D6C45-8616-4D7A-8869-7C69DB877316",
"versionEndExcluding": "10.1.0.273\\(c185e5r2p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366DC5C5-9276-4921-9ABD-92941B0CEE6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:laya-al00ep_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBD1414-620B-4367-BF57-9AED468EA81C",
"versionEndExcluding": "10.1.0.160\\(c786e160r3p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3A54AE-DC30-429B-8FB8-BE6EB933E685",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:princeton-al10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B4B9600-877F-458C-8E89-40E0B0D21E8A",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F930E0-D32C-4D37-8A1D-78D4BFAECF37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE2094-71C2-4C64-860E-67DE745110AD",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E14B978-2A3C-4F55-8E3A-BA41AB137C33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF4CBFD-6BB8-46B0-85B2-C2C144190AA0",
"versionEndExcluding": "10.1.0.225\\(c432e3r1p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB7B562-CDE8-47F2-8537-52AB3640E218",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-tl00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C61685-A7A9-4E2E-BA7B-15A3C32B3F4B",
"versionEndExcluding": "10.1.0.160\\(c01e160r8p12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-tl00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4177D27-D234-4BBF-A4D9-1C0DCE5B322C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yalep-al10b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A68AFA26-2D0F-4896-AB42-4E3327935F9D",
"versionEndExcluding": "10.1.0.160\\(c00e160r8p12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D81385-913B-4A38-A712-41CAE7B78DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A8A96B1-0C57-4BDE-A4A4-1409A19B8C88",
"versionEndExcluding": "10.1.0.231\\(c10e3r3p2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6E8C02-F0E4-456E-A456-93FC2C568DF2",
"versionEndExcluding": "10.1.0.270\\(c635e3r1p5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9AA09E4-2CEF-4482-AA24-00AF0C2E7050",
"versionEndExcluding": "10.1.0.273\\(c185e7r2p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45D23DA1-BD80-4157-A418-56A8B5DA544D",
"versionEndExcluding": "10.1.0.273\\(c636e7r2p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07AE032D-2BA2-4717-8280-98182B3A61AB",
"versionEndExcluding": "10.1.0.277\\(c10e7r2p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC8A76AE-FE0F-4C53-86EC-7663351D4EF9",
"versionEndExcluding": "10.1.0.277\\(c605e7r1p5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17DCDDE2-A0F8-451D-8B92-029EAD61A6D2",
"versionEndExcluding": "10.1.0.123\\(c432e22r2p5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67F9D5D0-FA78-4FE6-945F-C92692EE5E15",
"versionEndExcluding": "10.1.0.126\\(c10e7r5p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB36260-4707-4F6C-A5EF-9948BB1C5018",
"versionEndExcluding": "10.1.0.126\\(c185e4r7p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC986DB-F634-4E50-9934-AE9406CBA72A",
"versionEndExcluding": "10.1.0.126\\(c605e19r1p3\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA764DAA-0533-4A69-95A3-00260583800B",
"versionEndExcluding": "10.1.0.126\\(c636e5r3p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A19133CB-485B-4FF9-A103-6A76CB9332F5",
"versionEndExcluding": "10.1.0.126\\(c636e7r3p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF06609-7E15-4F42-A112-9925185F5925",
"versionEndExcluding": "10.1.0.273\\(c636e5r2p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366DC5C5-9276-4921-9ABD-92941B0CEE6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:hima-l29c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6066AB6A-2C61-4192-95DE-9CF1173F5666",
"versionEndExcluding": "10.1.0.275\\(c10e4r2p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366DC5C5-9276-4921-9ABD-92941B0CEE6D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:yale-l61a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3687F033-B75A-497E-B435-87D5D2F2A071",
"versionEndExcluding": "10.1.0.226\\(c10e3r1p1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:yale-l61a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB7B562-CDE8-47F2-8537-52AB3640E218",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento del b\u00fafer en varios productos de Huawei. El sistema no valida suficientemente ciertos par\u00e1metros de configuraci\u00f3n que son pasados desde usuario y que causar\u00edan un desbordamiento del b\u00fafer. El atacante deber\u00eda enga\u00f1ar al usuario para que instale y ejecute una aplicaci\u00f3n maliciosa con un alto privilegio; una explotaci\u00f3n con \u00e9xito puede provocar una ejecuci\u00f3n de c\u00f3digo. Los productos afectados incluyen Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B y YaleP- AL10B"
}
],
"id": "CVE-2020-9247",
"lastModified": "2024-11-21T05:40:15.980",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-07T13:15:11.123",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "psirt@huawei.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-18 14:15
Modified
2024-11-21 05:11
Severity ?
Summary
HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E435BD0-2D12-4A15-BF67-4E83C1848884",
"versionEndExcluding": "10.1.0.135\\(c00e135r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5A64DE-1846-44E8-AA2D-E2EF15F308AA",
"versionEndExcluding": "10.1.0.135\\(c00e135r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package\u0027s integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device."
},
{
"lang": "es",
"value": "HUAWEI P30 y HUAWEI P30 Pro con versiones anteriores a 10.1.0.135(C00E135R2P11) y versiones anteriores a 10.1.0.135(C00E135R2P8), presentan una vulnerabilidad de comprobaci\u00f3n de integridad insuficiente. El sistema no comprueba suficientemente la integridad de determinados paquetes de software. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante cargar un paquete de software dise\u00f1ado en el dispositivo"
}
],
"id": "CVE-2020-1834",
"lastModified": "2024-11-21T05:11:27.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-18T14:15:11.187",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-21 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service."
},
{
"lang": "es",
"value": "Los tel\u00e9fonos inteligentes HUAWEI P30 Pro con versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de lectura fuera de l\u00edmites. Algunas funciones carecen de verificaci\u00f3n cuando procesan algunos mensajes enviados desde otro m\u00f3dulo. Unos atacantes pueden explotar esta vulnerabilidad mediante el env\u00edo de mensajes maliciosos para causar una lectura fuera de l\u00edmites. Esto puede comprometer el servicio normal."
}
],
"id": "CVE-2020-9096",
"lastModified": "2024-11-21T05:40:00.993",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-21T14:15:11.277",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-12 14:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure."
},
{
"lang": "es",
"value": "Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de salto de ruta.\u0026#xa0;El sistema no comprueba suficientemente determinado nombre de ruta, una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante acceder a archivos y causar una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2020-9106",
"lastModified": "2024-11-21T05:40:02.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-12T14:15:14.183",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-11 19:15
Modified
2024-11-21 05:40
Severity ?
Summary
HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "165A8717-DD86-4BC0-AB3C-BD7F92DF68CD",
"versionEndExcluding": "10.1.0.160\\(c00e160r3p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CAC2512-1577-4DB3-AC23-A5F4BF0D9127",
"versionEndExcluding": "10.1.0.270\\(c431e7r1p5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73419613-9F87-4E99-9A8D-D8B6B74F882D",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29C7558A-D8B6-4773-A14D-38EDFFD96E5E",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "939C475D-62F1-4739-A010-8EB1D254352D",
"versionEndExcluding": "10.1.0.160\\(c786e160r3p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99DD3EC3-7E9B-4904-8317-C3528D1CAFEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_magic_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA59594-AD02-44FC-B3A4-91D961A5A81D",
"versionEndExcluding": "10.0.0.187\\(c00e61r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_magic_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3A0DA8-F39F-4343-856C-4BCDFB874DD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2972F40-6507-40D2-8F9B-40A3BDBC6142",
"versionEndExcluding": "10.0.0.175\\(c00e58r4p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55571AAC-B8B2-48D0-8486-BB2992A39568",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8A69A7-BDA8-42C7-800D-A15928E1FDBC",
"versionEndExcluding": "10.0.0.194\\(c00e62r8p12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2BCA7E-E555-45D1-807A-F53682B0C383",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_v20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F48C40-4FAC-4311-98F1-99FC480C2C90",
"versionEndExcluding": "10.0.0.188\\(c00e62r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_v20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF332D5-0799-487A-970B-E0FB7435207D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6E8C02-F0E4-456E-A456-93FC2C568DF2",
"versionEndExcluding": "10.1.0.270\\(c635e3r1p5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45D23DA1-BD80-4157-A418-56A8B5DA544D",
"versionEndExcluding": "10.1.0.273\\(c636e7r2p4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:honor_magic_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA59594-AD02-44FC-B3A4-91D961A5A81D",
"versionEndExcluding": "10.0.0.187\\(c00e61r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:honor_magic_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3A0DA8-F39F-4343-856C-4BCDFB874DD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged"
},
{
"lang": "es",
"value": "Versiones de HUAWEI Mate 20 Versiones anteriores a 10.1.0.160(C00E160R3P8); versiones de HUAWEI Mate 20 Pro Versiones anteriores a 10.1.0.270(C431E7R1P5), Versiones anteriores a 10.1.0.270(C635E3R1P5), Versiones anteriores a 10.1.0.273(C636E7R2WE); versiones de Mate 20 X Versiones anteriores a 10.1.0.160(C00E160R2P8); versiones de HUAWEI P30 Versiones anteriores a 10.1.0.160(C00E160R2P11); versiones de HUAWEI P30 Pro Versiones anteriores a 10.1.0.160(C00E160R2P8); versiones de HUAWEI Mate 20 RS Versiones anteriores a 10.1 .0.160(C786E160R3P8); versiones de HonorMagic2 Versiones anteriores a 10.0.0.187(C00E61R2P11); versiones de Honor20 Versiones anteriores a 10.0.0.175(C00E58R4P11); versiones de Honor20 PRO Versiones anteriores a 10.0.0.194(C00E62R8P12); versiones de HonorMagic2 10.0.0.187(C00E61R2P11); versiones de HonorV20 Versiones anteriores a 10.0.0.188(C00E62R2P11), presentan una vulnerabilidad de autenticaci\u00f3n inapropiada. El sistema no firma adecuadamente determinado archivo cifrado, el atacante debe conseguir la clave usada para cifrar el archivo, una explotaci\u00f3n con \u00e9xito podr\u00eda causar que cierto archivo sea falsificado"
}
],
"id": "CVE-2020-9244",
"lastModified": "2024-11-21T05:40:15.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-11T19:15:17.687",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-06 19:15
Modified
2024-11-21 05:11
Severity ?
Summary
HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | p30_firmware | * | |
| huawei | p30 | - | |
| huawei | p30_pro_firmware | * | |
| huawei | p30_pro | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29C7558A-D8B6-4773-A14D-38EDFFD96E5E",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p11\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4818ECF7-B4D4-4AF4-9DAA-FE08F56B26FC",
"versionEndExcluding": "10.1.0.160\\(c00e160r2p8\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function\u0027s default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure."
},
{
"lang": "es",
"value": "HUAWEI P30 con versiones anteriores a 10.1.0.160(C00E160R2P11) y HUAWEI P30 Pro con versiones anteriores a 10.1.0.160(C00E160R2P8), presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n. Una configuraci\u00f3n predeterminada de ciertas funciones en el sistema parece no segura, un atacante deber\u00eda dise\u00f1ar un hotspot WI-FI para iniciar el ataque. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2020-1836",
"lastModified": "2024-11-21T05:11:27.817",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-06T19:15:12.400",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2020-1834
Vulnerability from cvelistv5
Published
2020-06-18 13:57
Modified
2024-08-04 06:46
Severity ?
EPSS score ?
Summary
HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI P30;HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.135(C00E135R2P11) Version: Versions earlier than 10.1.0.135(C00E135R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30;HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.135(C00E135R2P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.135(C00E135R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package\u0027s integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient Integrity Check",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-18T13:57:07",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30;HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.135(C00E135R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.135(C00E135R2P8)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package\u0027s integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient Integrity Check"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1834",
"datePublished": "2020-06-18T13:57:07",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-1836
Vulnerability from cvelistv5
Published
2020-07-06 18:25
Modified
2024-08-04 06:46
Severity ?
EPSS score ?
Summary
HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI P30;HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P11) Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30;HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function\u0027s default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-06T18:25:19",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30;HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function\u0027s default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1836",
"datePublished": "2020-07-06T18:25:19",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5227
Vulnerability from cvelistv5
Published
2019-11-29 19:24
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | P30, P30 Pro, Mate 20, HiSuite |
Version: Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P30, P30 Pro, Mate 20, HiSuite",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "version downgrade",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-29T19:24:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P30, P30 Pro, Mate 20, HiSuite",
"version": {
"version_data": [
{
"version_value": "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "version downgrade"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5227",
"datePublished": "2019-11-29T19:24:05",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9107
Vulnerability from cvelistv5
Published
2020-10-12 13:33
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.004Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds Read and Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T13:33:25",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read and Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-readwriteoutbound-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9107",
"datePublished": "2020-10-12T13:33:25",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5302
Vulnerability from cvelistv5
Published
2020-04-27 19:50
Modified
2024-08-04 19:54
Severity ?
EPSS score ?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Huawei | Sydney-L21 |
Version: Versions earlier than 9.1.0.215(C432E1R1P1T8) Version: Versions earlier than 9.1.0.213(C185E1R1P1T8) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:52.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sydney-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
},
{
"product": "Sydney-L21BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
},
{
"product": "Sydney-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "Sydney-L22BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "SydneyM-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
},
{
"product": "SydneyM-L01",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
},
{
"product": "SydneyM-L03",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
},
{
"product": "SydneyM-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L23",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
},
{
"product": "Yale-L21A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
},
{
"product": "Honor 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
},
{
"product": "Honor Magic2",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.0.0.187"
}
]
},
{
"product": "Honor V20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
},
{
"product": "HUAWEI Mate 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
},
{
"product": "HUAWEI Mate 20 RS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
},
{
"product": "HUAWEI P20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P30",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.193"
}
]
},
{
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
},
{
"product": "HUAWEI Y9 2019",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
},
{
"product": "HUAWEI nova lite 3",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
},
{
"product": "Honor 10 Lite",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
},
{
"product": "Honor 8X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
},
{
"product": "Honor View 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
},
{
"product": "Jackman-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
},
{
"product": "Paris-L21B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
},
{
"product": "Paris-L21MEB",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
},
{
"product": "Paris-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
},
{
"product": "Sydney-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
},
{
"product": "Charlotte-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
},
{
"product": "Columbia-AL10B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Columbia-L29D",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
},
{
"product": "Cornell-AL00A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Cornell-L29A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
},
{
"product": "Emily-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
},
{
"product": "Emily-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
},
{
"product": "Ever-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
},
{
"product": "ALP-AL00B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "ALP-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
},
{
"product": "ALP-L29",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
},
{
"product": "BLA-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
},
{
"product": "Berkeley-AL20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "Berkeley-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
},
{
"product": "Charlotte-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-27T19:50:50",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sydney-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L21BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
}
},
{
"product_name": "Sydney-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L22BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
}
},
{
"product_name": "SydneyM-L01",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L03",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L23",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
}
},
{
"product_name": "Yale-L21A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
}
},
{
"product_name": "Honor 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
}
},
{
"product_name": "Honor Magic2",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.187"
}
]
}
},
{
"product_name": "Honor V20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 RS",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
}
},
{
"product_name": "HUAWEI P20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P30",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.193"
}
]
}
},
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Y9 2019",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI nova lite 3",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
}
},
{
"product_name": "Honor 10 Lite",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
}
},
{
"product_name": "Honor 8X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
}
},
{
"product_name": "Honor View 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
}
},
{
"product_name": "Jackman-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
}
},
{
"product_name": "Paris-L21B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
}
},
{
"product_name": "Paris-L21MEB",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
}
},
{
"product_name": "Paris-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
}
},
{
"product_name": "Sydney-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Charlotte-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
}
},
{
"product_name": "Columbia-AL10B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Columbia-L29D",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
}
},
{
"product_name": "Cornell-AL00A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Cornell-L29A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
}
},
{
"product_name": "Ever-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "ALP-AL00B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "ALP-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
}
},
{
"product_name": "ALP-L29",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
}
},
{
"product_name": "BLA-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
}
},
{
"product_name": "Berkeley-AL20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "Berkeley-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
}
},
{
"product_name": "Charlotte-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5302",
"datePublished": "2020-04-27T19:50:50",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:52.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9247
Vulnerability from cvelistv5
Published
2020-12-07 12:49
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Huawei | HONOR 20 PRO |
Version: unspecified < 10.1.0.230(C432E9R5P1) Version: unspecified < 10.1.0.231(C10E3R3P2) |
||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HONOR 20 PRO",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.230(C432E9R5P1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.231(C10E3R3P2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "HUAWEI Mate 20",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.160(C00E160R3P8)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "HUAWEI Mate 20 Pro",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.270(C432E7R1P5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.270(C635E3R1P5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.273(C185E7R2P4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.273(C636E7R2P4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.277(C10E7R2P4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.277(C605E7R1P5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "HUAWEI Mate 20 X",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.160(C00E160R2P8)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "HUAWEI P30",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "9.1.0.272(C635E4R2P2)"
},
{
"lessThan": "10.1.0.123(C432E22R2P5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.126(C10E7R5P1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.126(C185E4R7P1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.126(C605E19R1P3)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.126(C636E5R3P4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.126(C636E7R3P4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.160(C00E160R2P8)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Hima-L29C",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.273(C185E5R2P4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.273(C636E5R2P4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.275(C10E4R2P4)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Laya-AL00EP",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.160(C786E160R3P8)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Princeton-AL10B",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.160(C00E160R2P11)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Tony-AL00B",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.160(C00E160R2P11)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Yale-L61A",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.225(C432E3R1P2)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "10.1.0.226(C10E3R1P1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Yale-TL00B",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.160(C01E160R8P12)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "YaleP-AL10B",
"vendor": "Huawei",
"versions": [
{
"lessThan": "10.1.0.160(C00E160R8P12)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-07T12:49:00",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
}
],
"source": {
"advisory": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HONOR 20 PRO",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.230(C432E9R5P1)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.231(C10E3R3P2)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.160(C00E160R3P8)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.270(C432E7R1P5)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.270(C635E3R1P5)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.273(C185E7R2P4)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.273(C636E7R2P4)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.277(C10E7R2P4)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.277(C605E7R1P5)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 X",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.160(C00E160R2P8)"
}
]
}
},
{
"product_name": "HUAWEI P30",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9.1.0.272(C635E4R2P2)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.123(C432E22R2P5)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.126(C10E7R5P1)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.126(C185E4R7P1)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.126(C605E19R1P3)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.126(C636E5R3P4)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.126(C636E7R3P4)"
}
]
}
},
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.160(C00E160R2P8)"
}
]
}
},
{
"product_name": "Hima-L29C",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.273(C185E5R2P4)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.273(C636E5R2P4)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.275(C10E4R2P4)"
}
]
}
},
{
"product_name": "Laya-AL00EP",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.160(C786E160R3P8)"
}
]
}
},
{
"product_name": "Princeton-AL10B",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.160(C00E160R2P11)"
}
]
}
},
{
"product_name": "Tony-AL00B",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.160(C00E160R2P11)"
}
]
}
},
{
"product_name": "Yale-L61A",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.225(C432E3R1P2)"
},
{
"version_affected": "\u003c",
"version_value": "10.1.0.226(C10E3R1P1)"
}
]
}
},
{
"product_name": "Yale-TL00B",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.160(C01E160R8P12)"
}
]
}
},
{
"product_name": "YaleP-AL10B",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "10.1.0.160(C00E160R8P12)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
}
]
},
"source": {
"advisory": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9247",
"datePublished": "2020-12-07T12:49:00",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-0022
Vulnerability from cvelistv5
Published
2020-02-13 14:21
Modified
2024-08-04 05:47
Severity ?
EPSS score ?
Summary
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715
References
| ▼ | URL | Tags |
|---|---|---|
| https://source.android.com/security/bulletin/2020-02-01 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2020/Feb/10 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html | x_refsource_MISC | |
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "9.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:10.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "10.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "8.1"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-0022",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-28T13:54:56.691635Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682 Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-28T14:00:17.318Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.847Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2020-02-01"
},
{
"name": "20200214 Re: [FD] Critical Bluetooth Vulnerability in Android (CVE-2020-0022) - BlueFrag",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Feb/10"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android-8.0 Android-8.1 Android-9 Android-10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-13T13:06:27",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://source.android.com/security/bulletin/2020-02-01"
},
{
"name": "20200214 Re: [FD] Critical Bluetooth Vulnerability in Android (CVE-2020-0022) - BlueFrag",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Feb/10"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2020-0022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-8.0 Android-8.1 Android-9 Android-10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2020-02-01",
"refsource": "MISC",
"url": "https://source.android.com/security/bulletin/2020-02-01"
},
{
"name": "20200214 Re: [FD] Critical Bluetooth Vulnerability in Android (CVE-2020-0022) - BlueFrag",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Feb/10"
},
{
"name": "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2020-0022",
"datePublished": "2020-02-13T14:21:41",
"dateReserved": "2019-10-17T00:00:00",
"dateUpdated": "2024-08-04T05:47:40.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9081
Vulnerability from cvelistv5
Published
2024-12-27 09:34
Modified
2024-12-27 16:08
Severity ?
EPSS score ?
Summary
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Huawei | HUAWEI Mate 20 |
Version: Versions earlier than 10.1.0.160(C00E160R3P8) Version: Versions earlier than 10.1.0.160(C01E160R2P8) |
||||||||||||||||||||||||
|
|||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-9081",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T16:07:50.855336Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T16:08:00.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HUAWEI Mate 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R3P8)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C01E160R2P8)"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HUAWEI P30",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P11)"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C01E160R2P8)"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Princeton-AL10D",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P11)"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Yale-AL00A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R8P12)"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Yale-AL50A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.88(C00E88R8P1)"
}
]
},
{
"defaultStatus": "unaffected",
"product": "YaleP-AL10B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R8P12)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.\u003c/p\u003e"
}
],
"value": "There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)\n\n\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T09:34:40.332Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200826-15-smartphone-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9081",
"datePublished": "2024-12-27T09:34:40.332Z",
"dateReserved": "2020-02-18T00:00:00.000Z",
"dateUpdated": "2024-12-27T16:08:00.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9123
Vulnerability from cvelistv5
Published
2020-10-12 13:41
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T13:41:48",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9123",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-buffer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9123",
"datePublished": "2020-10-12T13:41:48",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9095
Vulnerability from cvelistv5
Published
2020-08-21 13:26
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-21T13:26:27",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-03-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9095",
"datePublished": "2020-08-21T13:26:27",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5215
Vulnerability from cvelistv5
Published
2019-06-04 18:44
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei | P30,P30 Pro |
Version: The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) Version: The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P30,P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)"
},
{
"status": "affected",
"version": "The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)"
}
]
}
],
"datePublic": "2019-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "man-in-the-middle",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-04T18:44:57",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P30,P30 Pro",
"version": {
"version_data": [
{
"version_value": "The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)"
},
{
"version_value": "The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "man-in-the-middle"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190517-01-share-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5215",
"datePublished": "2019-06-04T18:44:57",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9260
Vulnerability from cvelistv5
Published
2020-07-10 13:08
Modified
2024-08-04 10:26
Severity ?
EPSS score ?
Summary
HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI P30;HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.123(C432E22R2P5) Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:26:15.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30;HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.123(C432E22R2P5)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function\u0027s default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-10T13:08:18",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30;HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.123(C432E22R2P5)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function\u0027s default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9260",
"datePublished": "2020-07-10T13:08:18",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:26:15.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-9506
Vulnerability from cvelistv5
Published
2019-08-14 16:27
Modified
2024-09-16 19:14
Severity ?
EPSS score ?
Summary
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#918987",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"N/A"
],
"product": "BR/EDR",
"vendor": "Bluetooth",
"versions": [
{
"lessThanOrEqual": "5.1",
"status": "affected",
"version": "5.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Daniele Antonioli\u201a Nils Ole Tippenhauer, Kasper Rasmussen"
}
],
"datePublic": "2019-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310 Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-30T10:06:23",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#918987",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
],
"source": {
"advisory": "VU#918987",
"defect": [
"VU#918987"
],
"discovery": "EXTERNAL"
},
"title": "Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation",
"workarounds": [
{
"lang": "en",
"value": "Bluetooth SIG Expedited Errata Correction 11838"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "KNOB",
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2019-08-14",
"ID": "CVE-2019-9506",
"STATE": "PUBLIC",
"TITLE": "Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BR/EDR",
"version": {
"version_data": [
{
"platform": "N/A",
"version_affected": "\u003c=",
"version_name": "5.1",
"version_value": "5.1"
}
]
}
}
]
},
"vendor_name": "Bluetooth"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Daniele Antonioli\u201a Nils Ole Tippenhauer, Kasper Rasmussen"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310 Cryptographic Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#918987",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"name": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html",
"refsource": "MISC",
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"name": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli",
"refsource": "MISC",
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"name": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/",
"refsource": "CONFIRM",
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/14"
},
{
"name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/11"
},
{
"name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/13"
},
{
"name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Aug/15"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"name": "USN-4115-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"name": "USN-4118-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"name": "USN-4147-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"name": "RHSA-2019:2975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2975"
},
{
"name": "openSUSE-SU-2019:2307",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"name": "openSUSE-SU-2019:2308",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"name": "RHSA-2019:3076",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3076"
},
{
"name": "RHSA-2019:3055",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3055"
},
{
"name": "RHSA-2019:3089",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3089"
},
{
"name": "RHSA-2019:3187",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3187"
},
{
"name": "RHSA-2019:3165",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3165"
},
{
"name": "RHSA-2019:3217",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3217"
},
{
"name": "RHSA-2019:3220",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3220"
},
{
"name": "RHSA-2019:3231",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3231"
},
{
"name": "RHSA-2019:3218",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3218"
},
{
"name": "RHSA-2019:3309",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"name": "RHSA-2019:3517",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"name": "RHSA-2020:0204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
}
]
},
"source": {
"advisory": "VU#918987",
"defect": [
"VU#918987"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Bluetooth SIG Expedited Errata Correction 11838"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9506",
"datePublished": "2019-08-14T16:27:45.059869Z",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-09-16T19:14:13.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5307
Vulnerability from cvelistv5
Published
2019-06-04 18:55
Modified
2024-08-04 19:54
Severity ?
EPSS score ?
Summary
Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107)
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei | P30,P30 Pro |
Version: The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) Version: The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P30,P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)"
},
{
"status": "affected",
"version": "The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)"
}
]
}
],
"datePublic": "2019-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "message replay",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-04T18:55:48",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P30,P30 Pro",
"version": {
"version_data": [
{
"version_value": "The versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)"
},
{
"version_value": "The versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1) and P30 Pro versions before VOG-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on the NAS message sequence number (SN), specifically NAS COUNT. As a result, an attacker can construct a rogue base station and replay the GUTI reallocation command message in certain conditions to tamper with GUTIs, or replay the Identity request message to obtain IMSIs. (Vulnerability ID: HWPSIRT-2019-04107)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "message replay"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-replay-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5307",
"datePublished": "2019-06-04T18:55:48",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9108
Vulnerability from cvelistv5
Published
2020-10-12 13:27
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.033Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds Read and Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T13:27:20",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read and Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-outofbound-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9108",
"datePublished": "2020-10-12T13:27:20",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5251
Vulnerability from cvelistv5
Published
2019-12-13 14:30
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s |
Version: Versions earlier than 9.1.0.333(C00E333R2P1T8) Version: Versions earlier than 9.1.0.226(C00E220R2P1) Version: Versions earlier than 9.1.0.130(C00E115R2P8T8) Version: Versions earlier than 9.1.0.139(C00E133R3P1) Version: Versions earlier than 9.1.0.130(C00E112R2P10T8) Version: Versions earlier than 9.1.0.143(C636E5R1P5T8) Version: Versions earlier than 9.1.0.120(C00E113R1P6T8) Version: Versions earlier than 9.1.1.150(C00E150R1P150) Version: Versions earlier than 9.1.0.226(C00E210R2P1) Version: Versions earlier than 9.1.1.132(C00E131R6P1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.226(C00E220R2P1)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.130(C00E115R2P8T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.139(C00E133R3P1)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.130(C00E112R2P10T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.143(C636E5R1P5T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.120(C00E113R1P6T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.1.150(C00E150R1P150)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.226(C00E210R2P1)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.1.132(C00E131R6P1)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path Traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T14:30:18",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5251",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Honor V10;P30;Mate 20;Honor 9 Lite;Honor 9i;M6;P30 Pro;Honor 20s",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.226(C00E220R2P1)"
},
{
"version_value": "Versions earlier than 9.1.0.130(C00E115R2P8T8)"
},
{
"version_value": "Versions earlier than 9.1.0.139(C00E133R3P1)"
},
{
"version_value": "Versions earlier than 9.1.0.130(C00E112R2P10T8)"
},
{
"version_value": "Versions earlier than 9.1.0.143(C636E5R1P5T8)"
},
{
"version_value": "Versions earlier than 9.1.0.120(C00E113R1P6T8)"
},
{
"version_value": "Versions earlier than 9.1.1.150(C00E150R1P150)"
},
{
"version_value": "Versions earlier than 9.1.0.226(C00E210R2P1)"
},
{
"version_value": "Versions earlier than 9.1.1.132(C00E131R6P1)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5251",
"datePublished": "2019-12-13T14:30:18",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9254
Vulnerability from cvelistv5
Published
2020-07-17 22:36
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.123(C432E19R2P5patch02) Version: Versions earlier than 10.1.0.126(C10E11R5P1) Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.123(C432E19R2P5patch02)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.126(C10E11R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Logic Check Error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-17T22:36:56",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.123(C432E19R2P5patch02)"
},
{
"version_value": "Versions earlier than 10.1.0.126(C10E11R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Logic Check Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9254",
"datePublished": "2020-07-17T22:36:56",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5228
Vulnerability from cvelistv5
Published
2019-11-12 22:42
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | P30, P30 Pro, Honor V20 |
Version: Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P30, P30 Pro, Honor V20",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Race Condition",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T22:42:29",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P30, P30 Pro, Honor V20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain detection module of P30, P30 Pro, Honor V20 smartphone whith Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12), Versions earlier than Princeton-AL10B 9.1.0.233(C00E233R4P3) have a race condition vulnerability. The system does not lock certain function properly, when the function is called by multiple processes could cause out of bound write. An attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Race Condition"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en",
"refsource": "MISC",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5228",
"datePublished": "2019-11-12T22:42:29",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5226
Vulnerability from cvelistv5
Published
2019-11-29 18:57
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | P30, P30 Pro, Mate 20, HiSuite |
Version: Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P30, P30 Pro, Mate 20, HiSuite",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "version downgrade",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-29T18:57:30",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P30, P30 Pro, Mate 20, HiSuite",
"version": {
"version_data": [
{
"version_value": "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "version downgrade"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5226",
"datePublished": "2019-11-29T18:57:30",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9245
Vulnerability from cvelistv5
Published
2020-08-10 19:28
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | n/a | HUAWEI P30, HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P11) |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30, HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P11)"
}
]
},
{
"product": "HUAWEI P30, HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-10T19:28:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9245",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30, HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
}
]
}
}
]
},
"vendor_name": "n/a"
},
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30, HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9245",
"datePublished": "2020-08-10T19:28:04",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5303
Vulnerability from cvelistv5
Published
2020-04-27 20:01
Modified
2024-08-04 19:54
Severity ?
EPSS score ?
Summary
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Huawei | ALP-AL00B |
Version: Versions earlier than 9.1.0.333(C00E333R2P1T8) |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ALP-AL00B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "ALP-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
},
{
"product": "ALP-L29",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
},
{
"product": "BLA-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
},
{
"product": "Berkeley-AL20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
},
{
"product": "Berkeley-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
},
{
"product": "Charlotte-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
},
{
"product": "Charlotte-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
},
{
"product": "Columbia-AL10B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Columbia-L29D",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
},
{
"product": "Cornell-AL00A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "Cornell-L29A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
},
{
"product": "Emily-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
},
{
"product": "Emily-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
},
{
"product": "Ever-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
},
{
"product": "HUAWEI Mate 20 RS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
},
{
"product": "HUAWEI Mate 20 X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
},
{
"product": "HUAWEI P20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P20 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
},
{
"product": "HUAWEI P30",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.193"
}
]
},
{
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
},
{
"product": "HUAWEI Y9 2019",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
},
{
"product": "HUAWEI nova lite 3",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
},
{
"product": "Honor 10 Lite",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
},
{
"product": "Honor 8X",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
},
{
"product": "Honor View 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
},
{
"product": "Jackman-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
},
{
"product": "Paris-L21B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
},
{
"product": "Paris-L21MEB",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
},
{
"product": "Paris-L29B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
},
{
"product": "Sydney-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
},
{
"product": "Sydney-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
},
{
"product": "Sydney-L21BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
},
{
"product": "Sydney-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "Sydney-L22BR",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
},
{
"product": "SydneyM-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
},
{
"product": "SydneyM-L01",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
},
{
"product": "SydneyM-L03",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
},
{
"product": "SydneyM-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
},
{
"product": "SydneyM-L23",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
},
{
"product": "Yale-L21A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"status": "affected",
"version": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
},
{
"product": "Honor 20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
},
{
"product": "Honor Magic2",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.0.0.187"
}
]
},
{
"product": "Honor V20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-27T20:01:02",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ALP-AL00B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "ALP-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.300(C432E4R1P9T8)"
}
]
}
},
{
"product_name": "ALP-L29",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.315(C636E5R1P13T8)"
}
]
}
},
{
"product_name": "BLA-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.321(C636E4R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C432E6R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.302(C635E4R1P13T8)"
}
]
}
},
{
"product_name": "Berkeley-AL20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R2P1T8)"
}
]
}
},
{
"product_name": "Berkeley-L09",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C10E3R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C636E4R1P13T8)"
}
]
}
},
{
"product_name": "Charlotte-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Charlotte-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.325(C185E4R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.335(C636E3R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E8R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.336(C605E3R1P12T8)"
}
]
}
},
{
"product_name": "Columbia-AL10B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Columbia-L29D",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.350(C461E3R1P11T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C185E3R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.350(C10E5R1P14T8)"
},
{
"version_value": "Versions earlier than 9.1.0.351(C432E5R1P13T8)"
}
]
}
},
{
"product_name": "Cornell-AL00A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "Cornell-L29A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.328(C185E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C432E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.330(C461E1R1P9T8)"
},
{
"version_value": "Versions earlier than 9.1.0.328(C636E2R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L09C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.336(C605E4R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C185E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.345(C432E10R1P12T8)"
}
]
}
},
{
"product_name": "Emily-L29C",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C605E2R1P12T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C636E7R1P13T8)"
},
{
"version_value": "Versions earlier than 9.1.0.311(C432E7R1P11T8)"
}
]
}
},
{
"product_name": "Ever-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.311(C185E3R3P1)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.131(C00E131R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.310(C185E10R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 RS",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C786E133R3P1)"
}
]
}
},
{
"product_name": "HUAWEI Mate 20 X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.135(C00E133R2P1)"
}
]
}
},
{
"product_name": "HUAWEI P20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P20 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.333(C00E333R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI P30",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.193"
}
]
}
},
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.186(C00E180R2P1)"
}
]
}
},
{
"product_name": "HUAWEI Y9 2019",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.220(C605E3R1P1T8)"
}
]
}
},
{
"product_name": "HUAWEI nova lite 3",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.305(C635E8R2P2)"
}
]
}
},
{
"product_name": "Honor 10 Lite",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.283(C605E8R2P2)"
}
]
}
},
{
"product_name": "Honor 8X",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E2R1P1T8)"
}
]
}
},
{
"product_name": "Honor View 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.238(C432E1R3P1)"
}
]
}
},
{
"product_name": "Jackman-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.247(C636E2R4P1T8)"
}
]
}
},
{
"product_name": "Paris-L21B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C432E1R1P2T8)"
}
]
}
},
{
"product_name": "Paris-L21MEB",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C185E4R1P3T8)"
}
]
}
},
{
"product_name": "Paris-L29B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.331(C636E1R1P3T8)"
}
]
}
},
{
"product_name": "Sydney-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.212(C00E62R1P7T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Sydney-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C432E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L21BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P2T8)"
}
]
}
},
{
"product_name": "Sydney-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "Sydney-L22BR",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.258(C636E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.228(C00E78R1P7T8)"
}
]
}
},
{
"product_name": "SydneyM-L01",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.215(C782E2R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.213(C185E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.270(C432E3R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L03",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.217(C605E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L21",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.221(C461E1R1P1T8)"
},
{
"version_value": "Versions earlier than 9.1.0.215(C432E4R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L22",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.259(C185E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.220(C635E1R1P2T8)"
},
{
"version_value": "Versions earlier than 9.1.0.216(C569E1R1P1T8)"
}
]
}
},
{
"product_name": "SydneyM-L23",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.226(C605E2R1P1T8)"
}
]
}
},
{
"product_name": "Yale-L21A",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.154(C432E2R3P2)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C461E2R2P1)"
},
{
"version_value": "Versions earlier than 9.1.0.154(C636E2R2P1)"
}
]
}
},
{
"product_name": "Honor 20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.152(C00E150R5P1)"
}
]
}
},
{
"product_name": "Honor Magic2",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.0.0.187"
}
]
}
},
{
"product_name": "Honor V20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 9.1.0.234(C00E234R4P3)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5303",
"datePublished": "2020-04-27T20:01:02",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9244
Vulnerability from cvelistv5
Published
2020-08-11 18:46
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI Mate 20;HUAWEI Mate 20 Pro;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;HUAWEI Mate 20 RS;HonorMagic2;Honor20;Honor20 PRO;HonorMagic2;HonorV20 |
Version: Versions earlier than 10.1.0.160(C00E160R3P8) Version: Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4) Version: Versions earlier than 10.1.0.160(C00E160R2P8) Version: Versions earlier than 10.1.0.160(C00E160R2P11) Version: Versions earlier than 10.1.0.160(C786E160R3P8) Version: Versions earlier than 10.0.0.187(C00E61R2P11) Version: Versions earlier than 10.0.0.175(C00E58R4P11) Version: Versions earlier than 10.0.0.194(C00E62R8P12) Version: Versions earlier than 10.0.0.188(C00E62R2P11) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI Mate 20;HUAWEI Mate 20 Pro;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;HUAWEI Mate 20 RS;HonorMagic2;Honor20;Honor20 PRO;HonorMagic2;HonorV20",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R3P8)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C786E160R3P8)"
},
{
"status": "affected",
"version": "Versions earlier than 10.0.0.187(C00E61R2P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.0.0.175(C00E58R4P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.0.0.194(C00E62R8P12)"
},
{
"status": "affected",
"version": "Versions earlier than 10.0.0.188(C00E62R2P11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-11T18:46:13",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20;HUAWEI Mate 20 Pro;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;HUAWEI Mate 20 RS;HonorMagic2;Honor20;Honor20 PRO;HonorMagic2;HonorV20",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R3P8)"
},
{
"version_value": "Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C786E160R3P8)"
},
{
"version_value": "Versions earlier than 10.0.0.187(C00E61R2P11)"
},
{
"version_value": "Versions earlier than 10.0.0.175(C00E58R4P11)"
},
{
"version_value": "Versions earlier than 10.0.0.194(C00E62R8P12)"
},
{
"version_value": "Versions earlier than 10.0.0.187(C00E61R2P11)"
},
{
"version_value": "Versions earlier than 10.0.0.188(C00E62R2P11)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9244",
"datePublished": "2020-08-11T18:46:13",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9096
Vulnerability from cvelistv5
Published
2020-08-21 13:20
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out Of Bound Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-21T13:20:40",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out Of Bound Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200819-02-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9096",
"datePublished": "2020-08-21T13:20:40",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5225
Vulnerability from cvelistv5
Published
2019-11-29 19:01
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | P30, Mate 20, P30 Pro |
Version: Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P30, Mate 20, P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-29T19:01:17",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P30, Mate 20, P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), Versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5225",
"datePublished": "2019-11-29T19:01:17",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:56.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9089
Vulnerability from cvelistv5
Published
2024-12-27 09:44
Modified
2024-12-27 15:06
Severity ?
EPSS score ?
Summary
There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.120(C431E19R2P5) Version: Versions earlier than 10.1.0.120(C432E19R2P5) Version: Versions earlier than 10.1.0.126(C10E11R5P1) Version: Versions earlier than 10.1.0.126(C461E11R3P1) |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-9089",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T15:06:25.692557Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T15:06:33.561Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.120(C431E19R2P5)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.120(C432E19R2P5)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.126(C10E11R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.126(C461E11R3P1)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller\u0027s access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141)\u003c/p\u003e\u003cp\u003eThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089.\u003c/p\u003e"
}
],
"value": "There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller\u0027s access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T09:44:20.785Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-09-smartphone-en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9089",
"datePublished": "2024-12-27T09:44:20.785Z",
"dateReserved": "2020-02-18T00:00:00.000Z",
"dateUpdated": "2024-12-27T15:06:33.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9076
Vulnerability from cvelistv5
Published
2020-06-15 15:07
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B |
Version: Versions earlier than 10.1.0.135(C00E135R2P11) Version: Versions earlier than 10.1.0.135(C00E135R2P8),Versions earlier than 10.1.0.135(C01E135R2P8) Version: Versions earlier than 10.1.0.137(C00E137R2P11) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.135(C00E135R2P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.135(C00E135R2P8),Versions earlier than 10.1.0.135(C01E135R2P8)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.137(C00E137R2P11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-15T15:07:13",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9076",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.135(C00E135R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.135(C00E135R2P8),Versions earlier than 10.1.0.135(C01E135R2P8)"
},
{
"version_value": "Versions earlier than 10.1.0.137(C00E137R2P11)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9076",
"datePublished": "2020-06-15T15:07:13",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9257
Vulnerability from cvelistv5
Published
2020-07-17 22:41
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Huawei | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.123(C432E19R2P5patch02) Version: Versions earlier than 10.1.0.126(C10E11R5P1) Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.088Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30 Pro",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.123(C432E19R2P5patch02)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.126(C10E11R5P1)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-17T22:41:36",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.123(C432E19R2P5patch02)"
},
{
"version_value": "Versions earlier than 10.1.0.126(C10E11R5P1)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9257",
"datePublished": "2020-07-17T22:41:36",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9106
Vulnerability from cvelistv5
Published
2020-10-12 13:43
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI P30 Pro |
Version: Versions earlier than 10.1.0.160(C00E160R2P8) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.033Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI P30 Pro",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path Traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T13:43:54",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI P30 Pro",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9106",
"datePublished": "2020-10-12T13:43:54",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-9109
Vulnerability from cvelistv5
Published
2020-10-12 13:39
Modified
2024-08-04 10:19
Severity ?
EPSS score ?
Summary
There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11).
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | HUAWEI Mate 20;HUAWEI Mate 20 X;HUAWEI P30 Pro;Laya-AL00EP;Tony-AL00B;Tony-TL00B |
Version: Versions earlier than 10.1.0.160(C00E160R3P8),Versions earlier than 10.1.0.160(C01E160R2P8) Version: Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8) Version: Versions earlier than 10.1.0.160(C00E160R2P8) Version: Versions earlier than 10.1.0.160(C786E160R3P8) Version: Versions earlier than 10.1.0.160(C00E160R2P11) Version: Versions earlier than 10.1.0.160(C01E160R2P11) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HUAWEI Mate 20;HUAWEI Mate 20 X;HUAWEI P30 Pro;Laya-AL00EP;Tony-AL00B;Tony-TL00B",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R3P8),Versions earlier than 10.1.0.160(C01E160R2P8)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P8)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C786E160R3P8)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"status": "affected",
"version": "Versions earlier than 10.1.0.160(C01E160R2P11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim\u0027s smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T13:39:33",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HUAWEI Mate 20;HUAWEI Mate 20 X;HUAWEI P30 Pro;Laya-AL00EP;Tony-AL00B;Tony-TL00B",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R3P8),Versions earlier than 10.1.0.160(C01E160R2P8)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8),Versions earlier than 10.1.0.160(C01E160R2P8)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C786E160R3P8)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)"
},
{
"version_value": "Versions earlier than 10.1.0.160(C01E160R2P11)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim\u0027s smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9109",
"datePublished": "2020-10-12T13:39:33",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}