Huawei

Berkeley-l09 Firmware

8 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2020-9239

  • EPSS 0.03%
  • Published 11.09.2020 14:15:11
  • Last modified 21.11.2024 05:40:13

Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0...

4.6

CVE-2019-19412

  • EPSS 0.03%
  • Published 08.06.2020 19:15:10
  • Last modified 21.11.2024 04:34:43

Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to in...

6.5

CVE-2020-9069

  • EPSS 0.04%
  • Published 21.05.2020 15:15:10
  • Last modified 21.11.2024 05:39:57

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: A...

5.3

CVE-2019-5302

  • EPSS 0.06%
  • Published 27.04.2020 20:15:12
  • Last modified 21.11.2024 04:44:42

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing th...

5.3

CVE-2019-5303

  • EPSS 0.06%
  • Published 27.04.2020 20:15:12
  • Last modified 21.11.2024 04:44:42

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing th...

7.8

CVE-2020-0069

Warning
  • EPSS 0.74%
  • Published 10.03.2020 20:15:21
  • Last modified 04.04.2025 13:01:47

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution...

7.8

CVE-2019-2215

Warning Exploit
  • EPSS 49.83%
  • Published 11.10.2019 19:15:10
  • Last modified 04.04.2025 15:40:44

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local appli...

8.1

CVE-2019-9506

  • EPSS 3.04%
  • Published 14.08.2019 17:15:11
  • Last modified 21.11.2024 04:51:45

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") tha...