Search

Find a vulnerability

Search criteria

    34 vulnerabilities found for Mate 20 by Huawei

    VAR-201908-1958

    Vulnerability from variot - Updated: 2026-04-10 23:16

    The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Once the entropy is reduced, the attacker can brute-force the encryption key and use it to decrypt communications. Bluetooth BR/EDR is a Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate) standard. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. A weakness in the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification exposes a vulnerability that could allow for an unauthenticated, adjacent malicious user to perform a man-in-the-middle attack on an encrypted Bluetooth connection. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. The issue could allow the malicious user to reduce the entropy of the negotiated session key that is used to secure a Bluetooth connection between a paired device and a host device. An attacker who can successfully inject a malicious message into a Bluetooth connection during session negotiation or renegotiation could cause the strength of the session key to be susceptible to brute force attack. This advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability.

    This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64

    Bug Fix(es):

    • Backport TCP follow-up for small buffers (BZ#1739184)

    • TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)

    • RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test (Marvell/Cavium/QLogic) (L3:) (BZ#1743548)

    • block: blk-mq improvement (BZ#1780567)

    • RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781111)

    • blk-mq: overwirte performance drops on real MQ device (BZ#1782183)

    • RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads to drain out system memory quickly. (BZ#1782705)

    • 7) - aarch64, noarch, ppc64le

    Bug Fix(es):

    • kernel modules pkey and paes_s390 are not available (BZ#1719192)

    • pkey: Indicate old mkvp only if old and curr. mkvp are different (BZ#1720621)

    • System dropped into Mon running softboots Exception: 501 (Hardware Interrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi) (BZ#1737563)

    • kernel: jump label transformation performance (BZ#1739143)

    • Backport i40e MDD detection removal for PFs (BZ#1747618)

    • 7.5) - ppc64, ppc64le, x86_64

    Bug Fix(es):

    • TCP packets are segmented when sent to the VLAN device when coming from VXLAN dev. 7.6) - ppc64le, x86_64

    • Description:

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    Bug Fix(es):

    • kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)

    Bug Fix(es):

    • update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1751263)

    • ========================================================================== Ubuntu Security Notice USN-4147-1 October 04, 2019

    linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities ==========================================================================

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 19.04
    • Ubuntu 18.04 LTS

    Summary:

    Several security issues were fixed in the Linux kernel.

    Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors - linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems - linux-hwe: Linux hardware enablement (HWE) kernel

    Details:

    It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136)

    It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207)

    It was discovered that the GTCO tablet input driver in the Linux kernel did not properly bounds check the initial HID report sent by the device. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13631)

    It was discovered that an out-of-bounds read existed in the QLogic QEDI iSCSI Initiator Driver in the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-15090)

    Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel did not properly validate device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15117)

    Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel improperly performed recursion while handling device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15118)

    It was discovered that the Raremono AM/FM/SW radio device driver in the Linux kernel did not properly allocate memory, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2019-15211)

    It was discovered at a double-free error existed in the USB Rio 500 device driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service. (CVE-2019-15212)

    It was discovered that a race condition existed in the CPiA2 video4linux device driver for the Linux kernel, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15215)

    It was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15220)

    Benjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service. (CVE-2019-15538)

    It was discovered that the Hisilicon HNS3 ethernet device driver in the Linux kernel contained an out of bounds access vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2019-15925)

    It was discovered that the Atheros mobile chipset driver in the Linux kernel did not properly validate data in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2019-15926)

    Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. A physically proximate attacker could use this to expose sensitive information. (CVE-2019-9506)

    It was discovered that ZR364XX Camera USB device driver for the Linux kernel did not properly initialize memory. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15217)

    It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel made improper assumptions about the device characteristics. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2019-15218)

    It was discovered that the Line 6 POD USB device driver in the Linux kernel did not properly validate data size information from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15221)

    It was discovered that the Line 6 USB driver for the Linux kernel contained a race condition when the device was disconnected. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15223)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 19.04: linux-image-5.0.0-1018-aws 5.0.0-1018.20 linux-image-5.0.0-1019-kvm 5.0.0-1019.20 linux-image-5.0.0-1019-raspi2 5.0.0-1019.19 linux-image-5.0.0-1020-gcp 5.0.0-1020.20 linux-image-5.0.0-1022-azure 5.0.0-1022.23 linux-image-5.0.0-1023-snapdragon 5.0.0-1023.24 linux-image-5.0.0-31-generic 5.0.0-31.33 linux-image-5.0.0-31-generic-lpae 5.0.0-31.33 linux-image-5.0.0-31-lowlatency 5.0.0-31.33 linux-image-aws 5.0.0.1018.19 linux-image-azure 5.0.0.1022.21 linux-image-gcp 5.0.0.1020.46 linux-image-generic 5.0.0.31.32 linux-image-generic-lpae 5.0.0.31.32 linux-image-gke 5.0.0.1020.46 linux-image-kvm 5.0.0.1019.19 linux-image-lowlatency 5.0.0.31.32 linux-image-raspi2 5.0.0.1019.16 linux-image-snapdragon 5.0.0.1023.16 linux-image-virtual 5.0.0.31.32

    Ubuntu 18.04 LTS: linux-image-5.0.0-1020-gke 5.0.0-1020.20~18.04.1 linux-image-5.0.0-31-generic 5.0.0-31.33~18.04.1 linux-image-5.0.0-31-generic-lpae 5.0.0-31.33~18.04.1 linux-image-5.0.0-31-lowlatency 5.0.0-31.33~18.04.1 linux-image-generic-hwe-18.04 5.0.0.31.88 linux-image-generic-lpae-hwe-18.04 5.0.0.31.88 linux-image-gke-5.0 5.0.0.1020.9 linux-image-lowlatency-hwe-18.04 5.0.0.31.88 linux-image-snapdragon-hwe-18.04 5.0.0.31.88 linux-image-virtual-hwe-18.04 5.0.0.31.88

    After a standard system update you need to reboot your computer to make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

    References: https://usn.ubuntu.com/4147-1 CVE-2019-0136, CVE-2019-10207, CVE-2019-13631, CVE-2019-15090, CVE-2019-15117, CVE-2019-15118, CVE-2019-15211, CVE-2019-15212, CVE-2019-15215, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15223, CVE-2019-15538, CVE-2019-15925, CVE-2019-15926, CVE-2019-9506

    Package Information: https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33 https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20 https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23 https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20 https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20 https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19 https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24 https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1 https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3

    watchOS 5.3 addresses the following:

    Bluetooth Available for: Apple Watch Series 1 and later Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB) Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Kasper Rasmussen of University of Oxford, England Entry added August 13, 2019

    Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero

    Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-8647: Samuel Groß and Natalie Silvanovich of Google Project Zero

    Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8660: Samuel Groß and Natalie Silvanovich of Google Project Zero

    Digital Touch Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8624: Natalie Silvanovich of Google Project Zero

    FaceTime Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu

    Foundation Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero

    Heimdal Available for: Apple Watch Series 1 and later Impact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst

    libxslt Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to view sensitive information Description: A stack overflow was addressed with improved input validation. CVE-2019-13118: found by OSS-Fuzz

    Messages Available for: Apple Watch Series 1 and later Impact: Users removed from an iMessage conversation may still be able to alter state Description: This issue was addressed with improved checks. CVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of University of Oregon

    Messages Available for: Apple Watch Series 1 and later Impact: A remote attacker may cause an unexpected application termination Description: A denial of service issue was addressed with improved validation. CVE-2019-8665: Michael Hernandez of XYZ Marketing

    Quick Look Available for: Apple Watch Series 1 and later Impact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary Description: This issue was addressed with improved checks. CVE-2019-8662: Natalie Silvanovich and Samuel Groß of Google Project Zero

    Siri Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero

    UIFoundation Available for: Apple Watch Series 1 and later Impact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative

    Wallet Available for: Apple Watch Series 1 and later Impact: A user may inadvertently complete an in-app purchase while on the lock screen Description: The issue was addressed with improved UI handling. CVE-2019-8682: Jeff Braswell (JeffBraswell.com)

    WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative

    WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative CVE-2019-8672: Samuel Groß of Google Project Zero CVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech CVE-2019-8683: lokihardt of Google Project Zero CVE-2019-8684: lokihardt of Google Project Zero CVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL CVE-2019-8688: Insu Yun of SSLab at Georgia Tech CVE-2019-8689: lokihardt of Google Project Zero

    Additional recognition

    MobileInstallation We would like to acknowledge Dany Lisiansky (@DanyL931) for their assistance.

    Installation note:

    Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641

    To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".

    Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2019:3187-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3187 Issue date: 2019-10-23 CVE Names: CVE-2019-9506 =====================================================================

    1. Summary:

    An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64

    Security Fix(es):

    • hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    • Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)

    • powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745436)

    • powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745438)

    • ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745446)

    • Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    The system must be rebooted for this update to take effect.

    1. Package List:

    Red Hat Enterprise Linux Server AUS (v. 7.4):

    Source: kernel-3.10.0-693.60.1.el7.src.rpm

    noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm

    x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    Red Hat Enterprise Linux Server E4S (v. 7.4):

    Source: kernel-3.10.0-693.60.1.el7.src.rpm

    noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm

    ppc64le: kernel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm kernel-devel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-headers-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.60.1.el7.ppc64le.rpm perf-3.10.0-693.60.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm

    x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    Red Hat Enterprise Linux Server TUS (v. 7.4):

    Source: kernel-3.10.0-693.60.1.el7.src.rpm

    noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm

    x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    Red Hat Enterprise Linux Server Optional AUS (v. 7.4):

    x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    Red Hat Enterprise Linux Server Optional E4S (v. 7.4):

    ppc64le: kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm

    x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    Red Hat Enterprise Linux Server Optional TUS (v. 7.4):

    x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iQIVAwUBXbAXitzjgjWX9erEAQh25A/9FrjeF3eVkgGwc/RvTRPF/Qqb44x+l61E KceVqzr3avw9TDoiCA8e35ZYwNBvpN6YW/VDiI0vSyj2nQp57xFK48ybhUvXGUKL A2dXn793a3ZBKIp4wVVQKyjBsAI31MT/AZDKrzlugszWlV25u/mc2tC4Yndbe+8e Lbwf2VvKdvtlH26Cadv1UN9YsnmtQuNdGp9NrRbttTCW9rMmHtkoQ/yT4rcS/7Fl 1tu2j2Yoi0GEG9wXWda7cbpd2jLCcpjwIYnrjRNOuMNVSugRKRcAY1rMwpL5dVpA rx2bi3X3HhCpGTgZSJbl9fz2f1J71o9WoUSybaT36Uc50iOs7anoHc82XPGFvkak xg+mkIVNkwGxW9pkum8tZANjhDwyGJl0bpS98zkzpNiBqdrGdN4V9qMmhqmEa/lT lQ7haJR1rqboIzS5uSpTL/a79blwDjnMNsZ3D+c6xFfjsq8yu1zGfDWBbMdoc1Zo 3CNT4+pdBr5ASdlE7R3G+8Zx77WSK2MLxRnzzHBF6KphF4LOOUJmefpZ0KQRGkN8 zOKjvsynVKSzqt++WJrij+U74KL65PZokF8kKSc0yDhgYRaeqK6QIwe+Dbn/YUsn RNBi1ZoILHB9nMxbT5OlEVf/0EJl7oD1zINT0n7S8b86gRnfHdMLlvZ1Kcfjs0Sy Vdo262+aA6k= =FkCN -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "cornell-tl10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c01e333r1p1t8\\)"
          },
          {
            "_id": null,
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "lelandp-l22d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "leland-tl10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "columbia-tl00d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.1.0.186\\(c01gt\\)"
          },
          {
            "_id": null,
            "model": "y6 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "19.04"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "12.4"
          },
          {
            "_id": null,
            "model": "cairogo-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "cairogo-l22c461b153"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "princeton-tl10c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.338\\(c185e3r3p1\\)"
          },
          {
            "_id": null,
            "model": "princeton-al10d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.341\\(c185e1r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c185e2r1p12t8\\)"
          },
          {
            "_id": null,
            "model": "leland-l32c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "yale-tl00b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e3r1p14t8\\)"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.12.6"
          },
          {
            "_id": null,
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.307\\(c635e4r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "virtualization host eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "nova 3",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.7"
          },
          {
            "_id": null,
            "model": "laya-al00ep",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.306\\(c432e4r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.158\\(c432e8r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c782e10r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.332\\(c432e5r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "lelandp-l22c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "ares-al10d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.160\\(c00e160r2p5t8\\)"
          },
          {
            "_id": null,
            "model": "y6 prime 2018",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydney-l21",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "18.04"
          },
          {
            "_id": null,
            "model": "cornell-al00ind",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.2.0.141\\(c675custc675d1gt\\)"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "15.0"
          },
          {
            "_id": null,
            "model": "paris-al00ic",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "atomu-l42",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.0.0.155\\(c636custc636d1\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.155\\(c10e2r3p1\\)"
          },
          {
            "_id": null,
            "model": "madrid-tl00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "enterprise linux aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time for nfv",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8"
          },
          {
            "_id": null,
            "model": "florida-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.150\\(c185e6r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c636e3r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.137\\(c33e8r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.171\\(c10e2r3p1\\)"
          },
          {
            "_id": null,
            "model": "leland-tl10c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "madrid-al00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "cornell-al10ind",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.363\\(c675e2r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "nova 5i pro",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "jakarta-al00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "yale-l21a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "cornell-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "_id": null,
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.351\\(c432e5r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "nova lite 3",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.172\\(c432e2r5p1\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.336\\(c636e2r1p12t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "sydney-l22",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "dura-tl00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "1.0.0.176\\(c01\\)"
          },
          {
            "_id": null,
            "model": "p20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "y9 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "potter-al00c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "florida-tl10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.128\\(c01e112r1p6t8\\)"
          },
          {
            "_id": null,
            "model": "sydneym-l22",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.7"
          },
          {
            "_id": null,
            "model": "lelandp-al10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "berkeley-tl10",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c01e333r1p1t8\\)"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "16.04"
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "p30 pro",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.342\\(c461e1r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "figo-l23",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.160\\(c605e6r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "imanager neteco 6000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c636e4r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c432e7r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c432e2r5p1\\)"
          },
          {
            "_id": null,
            "model": "tony-tl00b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "harry-al00c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "florida-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.150\\(c636e6r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.149\\(c675e8r2p1\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.170\\(c185e2r5p1\\)"
          },
          {
            "_id": null,
            "model": "nova 5",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "leland-l42c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "honor 8a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "lelandp-al10d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "figo-tl10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.130\\(c01e115r2p8t8\\)"
          },
          {
            "_id": null,
            "model": "tony-al00b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.306\\(c185e2r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "london-al40ind",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "harry-al10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "johnson-tl00d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "alp-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.326\\(c635e2r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "p smart",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "asoka-al00ax",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1.181\\(c00e48r6p1\\)"
          },
          {
            "_id": null,
            "model": "columbia-al10i",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.335\\(c675e8r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "sydneym-l23",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "ares-tl00c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.165\\(c01e165r2p5t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time for nfv eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.347\\(c432e1r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "katyusha-al00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "paris-l29b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydneym-l01",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "florida-al20b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.128\\(c00e112r1p6t8\\)"
          },
          {
            "_id": null,
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c185e3r1p12t8\\)"
          },
          {
            "_id": null,
            "model": "potter-al10a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "yale-l61c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "12.4"
          },
          {
            "_id": null,
            "model": "sydney-l22br",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydneym-al00",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c432e5r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.170\\(c636e2r3p1\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "dubai-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.2.0.190\\(c00r2p2\\)"
          },
          {
            "_id": null,
            "model": "android",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "google",
            "version": null
          },
          {
            "_id": null,
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c605e2r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.143\\(c675e8r2p1\\)"
          },
          {
            "_id": null,
            "model": "hima-l29c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "atomu-l33",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.0.0.147\\(c605custc605d1\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time for nfv",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "_id": null,
            "model": "bla-tl00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.329\\(c01e320r1p1t8\\)"
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c636e7r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "dura-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "1.0.0.182\\(c00\\)"
          },
          {
            "_id": null,
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c636e2r1p12t8\\)"
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.1.0.156\\(c605\\)"
          },
          {
            "_id": null,
            "model": "p smart 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.14.5"
          },
          {
            "_id": null,
            "model": "harry-tl00c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux for real time",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8"
          },
          {
            "_id": null,
            "model": "y6 pro 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "honor view 10",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "berkeley-al20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "_id": null,
            "model": "johnson-tl00f",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.122\\(c09e7r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e5r1p14t8\\)"
          },
          {
            "_id": null,
            "model": "yalep-al10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "florida-l23",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c605e7r1p2t8\\)"
          },
          {
            "_id": null,
            "model": "yale-al50a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c461e2r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time for nfv eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.7"
          },
          {
            "_id": null,
            "model": "enterprise linux for real time eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "honor 8x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.0.0.122d\\(c652\\)"
          },
          {
            "_id": null,
            "model": "mate 20 x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "cornell-al00i",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.363\\(c675e3r1p9t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.6"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "nova 4",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "leland-l42a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydney-al00",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.165\\(c10e8r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c636e2r3p1\\)"
          },
          {
            "_id": null,
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c461e3r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "enterprise linux server tus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "leland-l32a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "neo-al00d",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydneym-l03",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c185e2r5p1\\)"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.13.6"
          },
          {
            "_id": null,
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.300\\(c605e2r1p12t8\\)"
          },
          {
            "_id": null,
            "model": "lelandp-l22a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c185e4r1p11t8\\)"
          },
          {
            "_id": null,
            "model": "leland-l31a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "atomu-l41",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.0.0.153\\(c461custc461d1\\)"
          },
          {
            "_id": null,
            "model": "imanager neteco",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "paris-l21b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "mate 20 pro",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "mrg realtime",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "y5 2018",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "yale-al00a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydney-tl00",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.306\\(c636e2r1p13t8\\)"
          },
          {
            "_id": null,
            "model": "lelandp-al00c",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydney-l21br",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "columbia-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "_id": null,
            "model": "p20 pro",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "honor view 20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "barca-al00",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "8.0.0.366\\(c00\\)"
          },
          {
            "_id": null,
            "model": "leland-l21a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "paris-l21meb",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "princeton-al10b",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "florida-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.150\\(c432e6r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "ares-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.160\\(c00e160r2p5t8\\)"
          },
          {
            "_id": null,
            "model": "mate 20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "watchos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "honor 10 lite",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "y5 lite",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "bla-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.329\\(c786e320r2p1t8\\)"
          },
          {
            "_id": null,
            "model": "figo-l31",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.137\\(c530e8r1p5t8\\)"
          },
          {
            "_id": null,
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "15.1"
          },
          {
            "_id": null,
            "model": "y7 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "sydneym-l21",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blackberry",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "bluetooth sig",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Red Hat",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "156058"
          },
          {
            "db": "PACKETSTORM",
            "id": "155005"
          },
          {
            "db": "PACKETSTORM",
            "id": "154779"
          },
          {
            "db": "PACKETSTORM",
            "id": "155017"
          },
          {
            "db": "PACKETSTORM",
            "id": "155004"
          },
          {
            "db": "PACKETSTORM",
            "id": "154936"
          },
          {
            "db": "PACKETSTORM",
            "id": "154949"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2019-9506",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2019-9506",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT DEFINED",
                "baseScore": 7.8,
                "collateralDamagePotential": "NOT DEFINED",
                "confidentialityImpact": "COMPLETE",
                "confidentialityRequirement": "NOT DEFINED",
                "enviromentalScore": 7.8,
                "exploitability": "NOT DEFINED",
                "exploitabilityScore": 6.5,
                "id": "CVE-2019-9506",
                "impactScore": 9.2,
                "integrityImpact": "COMPLETE",
                "integrityRequirement": "NOT DEFINED",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "remediationLevel": "NOT DEFINED",
                "reportConfidence": "NOT DEFINED",
                "severity": "HIGH",
                "targetDistribution": "NOT DEFINED",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vector_string": "AV:A/AC:L/Au:N/C:C/I:C/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "VHN-160941",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-9506",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cret@cert.org",
                "availabilityImpact": "LOW",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-9506",
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-9506",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cret@cert.org",
                "id": "CVE-2019-9506",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-9506",
                "trust": 0.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-864",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-160941",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-9506",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Once the entropy is reduced, the attacker can brute-force the encryption key and use it to decrypt communications. Bluetooth BR/EDR is a Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate) standard. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. A weakness in the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification exposes a vulnerability that could allow for an unauthenticated, adjacent malicious user to perform a man-in-the-middle attack on an encrypted Bluetooth connection. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. \nThe issue could allow the malicious user to reduce the entropy of the negotiated session key that is used to secure a Bluetooth connection between a paired device and a host device.  An attacker who can successfully inject a malicious message into a Bluetooth connection during session negotiation or renegotiation could cause the strength of the session key to be susceptible to brute force attack. \nThis advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability. \n\nThis advisory is available at the following link:\ntools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nBug Fix(es):\n\n* Backport TCP follow-up for small buffers (BZ#1739184)\n\n* TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)\n\n* RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test\n(Marvell/Cavium/QLogic) (L3:) (BZ#1743548)\n\n* block: blk-mq improvement (BZ#1780567)\n\n* RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during\nRHEL8.0 validation for SAP HANA on POWER (BZ#1781111)\n\n* blk-mq: overwirte performance drops on real MQ device (BZ#1782183)\n\n* RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads\nto drain out system memory quickly. (BZ#1782705)\n\n4. 7) - aarch64, noarch, ppc64le\n\n3. \n\nBug Fix(es):\n\n* kernel modules pkey and paes_s390 are not available (BZ#1719192)\n\n* pkey: Indicate old mkvp only if old and curr. mkvp are different\n(BZ#1720621)\n\n* System dropped into Mon running softboots Exception: 501 (Hardware\nInterrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi)\n(BZ#1737563)\n\n* kernel: jump label transformation performance (BZ#1739143)\n\n* Backport i40e MDD detection removal for PFs (BZ#1747618)\n\n4. 7.5) - ppc64, ppc64le, x86_64\n\n3. \n\nBug Fix(es):\n\n* TCP packets are segmented when sent to the VLAN device when coming from\nVXLAN dev. 7.6) - ppc64le, x86_64\n\n3. Description:\n\nThis is a kernel live patch module which is automatically loaded by the RPM\npost-install script to modify the code of a running kernel. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nBug Fix(es):\n\n* kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)\n\n4. \n\nBug Fix(es):\n\n* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1751263)\n\n4. ==========================================================================\nUbuntu Security Notice USN-4147-1\nOctober 04, 2019\n\nlinux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe,\nlinux-kvm, linux-raspi2, linux-snapdragon vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 19.04\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux: Linux kernel\n- linux-aws: Linux kernel for Amazon Web Services (AWS) systems\n- linux-azure: Linux kernel for Microsoft Azure Cloud systems\n- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems\n- linux-kvm: Linux kernel for cloud environments\n- linux-raspi2: Linux kernel for Raspberry Pi 2\n- linux-snapdragon: Linux kernel for Snapdragon processors\n- linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems\n- linux-hwe: Linux hardware enablement (HWE) kernel\n\nDetails:\n\nIt was discovered that the Intel Wi-Fi device driver in the Linux kernel\ndid not properly validate certain Tunneled Direct Link Setup (TDLS). A\nphysically proximate attacker could use this to cause a denial of service\n(Wi-Fi disconnect). (CVE-2019-0136)\n\nIt was discovered that the Bluetooth UART implementation in the Linux\nkernel did not properly check for missing tty operations. A local attacker\ncould use this to cause a denial of service. (CVE-2019-10207)\n\nIt was discovered that the GTCO tablet input driver in the Linux kernel did\nnot properly bounds check the initial HID report sent by the device. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2019-13631)\n\nIt was discovered that an out-of-bounds read existed in the QLogic QEDI\niSCSI Initiator Driver in the Linux kernel. A local attacker could possibly\nuse this to expose sensitive information (kernel memory). (CVE-2019-15090)\n\nHui Peng and Mathias Payer discovered that the USB audio driver for the\nLinux kernel did not properly validate device meta data. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-15117)\n\nHui Peng and Mathias Payer discovered that the USB audio driver for the\nLinux kernel improperly performed recursion while handling device meta\ndata. A physically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15118)\n\nIt was discovered that the Raremono AM/FM/SW radio device driver in the\nLinux kernel did not properly allocate memory, leading to a use-after-free. \nA physically proximate attacker could use this to cause a denial of service\nor possibly execute arbitrary code. (CVE-2019-15211)\n\nIt was discovered at a double-free error existed in the USB Rio 500 device\ndriver for the Linux kernel. A physically proximate attacker could use this\nto cause a denial of service. (CVE-2019-15212)\n\nIt was discovered that a race condition existed in the CPiA2 video4linux\ndevice driver for the Linux kernel, leading to a use-after-free. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2019-15215)\n\nIt was discovered that a race condition existed in the Softmac USB Prism54\ndevice driver in the Linux kernel. A physically proximate attacker could\nuse this to cause a denial of service (system crash). (CVE-2019-15220)\n\nBenjamin Moody discovered that the XFS file system in the Linux kernel did\nnot properly handle an error condition when out of disk quota. A local\nattacker could possibly use this to cause a denial of service. \n(CVE-2019-15538)\n\nIt was discovered that the Hisilicon HNS3 ethernet device driver in the\nLinux kernel contained an out of bounds access vulnerability. A local\nattacker could use this to possibly cause a denial of service (system\ncrash). (CVE-2019-15925)\n\nIt was discovered that the Atheros mobile chipset driver in the Linux\nkernel did not properly validate data in some situations. An attacker could\nuse this to cause a denial of service (system crash). (CVE-2019-15926)\n\nDaniele Antonioli, Nils Ole Tippenhauer, and Kasper B. A physically proximate attacker\ncould use this to expose sensitive information. (CVE-2019-9506)\n\nIt was discovered that ZR364XX Camera USB device driver for the Linux\nkernel did not properly initialize memory. A physically proximate attacker\ncould use this to cause a denial of service (system crash). \n(CVE-2019-15217)\n\nIt was discovered that the Siano USB MDTV receiver device driver in the\nLinux kernel made improper assumptions about the device characteristics. A\nphysically proximate attacker could use this cause a denial of service\n(system crash). (CVE-2019-15218)\n\nIt was discovered that the Line 6 POD USB device driver in the Linux kernel\ndid not properly validate data size information from the device. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash). (CVE-2019-15221)\n\nIt was discovered that the Line 6 USB driver for the Linux kernel contained\na race condition when the device was disconnected. A physically proximate\nattacker could use this to cause a denial of service (system crash). \n(CVE-2019-15223)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 19.04:\n  linux-image-5.0.0-1018-aws      5.0.0-1018.20\n  linux-image-5.0.0-1019-kvm      5.0.0-1019.20\n  linux-image-5.0.0-1019-raspi2   5.0.0-1019.19\n  linux-image-5.0.0-1020-gcp      5.0.0-1020.20\n  linux-image-5.0.0-1022-azure    5.0.0-1022.23\n  linux-image-5.0.0-1023-snapdragon  5.0.0-1023.24\n  linux-image-5.0.0-31-generic    5.0.0-31.33\n  linux-image-5.0.0-31-generic-lpae  5.0.0-31.33\n  linux-image-5.0.0-31-lowlatency  5.0.0-31.33\n  linux-image-aws                 5.0.0.1018.19\n  linux-image-azure               5.0.0.1022.21\n  linux-image-gcp                 5.0.0.1020.46\n  linux-image-generic             5.0.0.31.32\n  linux-image-generic-lpae        5.0.0.31.32\n  linux-image-gke                 5.0.0.1020.46\n  linux-image-kvm                 5.0.0.1019.19\n  linux-image-lowlatency          5.0.0.31.32\n  linux-image-raspi2              5.0.0.1019.16\n  linux-image-snapdragon          5.0.0.1023.16\n  linux-image-virtual             5.0.0.31.32\n\nUbuntu 18.04 LTS:\n  linux-image-5.0.0-1020-gke      5.0.0-1020.20~18.04.1\n  linux-image-5.0.0-31-generic    5.0.0-31.33~18.04.1\n  linux-image-5.0.0-31-generic-lpae  5.0.0-31.33~18.04.1\n  linux-image-5.0.0-31-lowlatency  5.0.0-31.33~18.04.1\n  linux-image-generic-hwe-18.04   5.0.0.31.88\n  linux-image-generic-lpae-hwe-18.04  5.0.0.31.88\n  linux-image-gke-5.0             5.0.0.1020.9\n  linux-image-lowlatency-hwe-18.04  5.0.0.31.88\n  linux-image-snapdragon-hwe-18.04  5.0.0.31.88\n  linux-image-virtual-hwe-18.04   5.0.0.31.88\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n  https://usn.ubuntu.com/4147-1\n  CVE-2019-0136, CVE-2019-10207, CVE-2019-13631, CVE-2019-15090,\n  CVE-2019-15117, CVE-2019-15118, CVE-2019-15211, CVE-2019-15212,\n  CVE-2019-15215, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220,\n  CVE-2019-15221, CVE-2019-15223, CVE-2019-15538, CVE-2019-15925,\n  CVE-2019-15926, CVE-2019-9506\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33\n  https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20\n  https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23\n  https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20\n  https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20\n  https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19\n  https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24\n  https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1\n  https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-8-13-3 Additional information for\nAPPLE-SA-2019-7-22-4 watchOS 5.3\n\nwatchOS 5.3 addresses the following:\n\nBluetooth\nAvailable for: Apple Watch Series 1 and later\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)\nDescription: An input validation issue existed in Bluetooth. This\nissue was addressed with improved input validation. \nCVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Kasper Rasmussen of\nUniversity of Oxford, England\nEntry added August 13, 2019\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2019-8647: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8660: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nDigital Touch\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8624: Natalie Silvanovich of Google Project Zero\n\nFaceTime\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu\n\nFoundation\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8641: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nHeimdal\nAvailable for: Apple Watch Series 1 and later\nImpact: An issue existed in Samba that may allow attackers to perform\nunauthorized actions by intercepting communications between services\nDescription: This issue was addressed with improved checks to prevent\nunauthorized actions. \nCVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team\nand Catalyst\n\nlibxslt\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to view sensitive information\nDescription: A stack overflow was addressed with improved input\nvalidation. \nCVE-2019-13118: found by OSS-Fuzz\n\nMessages\nAvailable for: Apple Watch Series 1 and later\nImpact: Users removed from an iMessage conversation may still be able\nto alter state\nDescription: This issue was addressed with improved checks. \nCVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of\nUniversity of Oregon\n\nMessages\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may cause an unexpected application\ntermination\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2019-8665: Michael Hernandez of XYZ Marketing\n\nQuick Look\nAvailable for: Apple Watch Series 1 and later\nImpact: An attacker may be able to trigger a use-after-free in an\napplication deserializing an untrusted NSDictionary\nDescription: This issue was addressed with improved checks. \nCVE-2019-8662: Natalie Silvanovich and Samuel Gro\u00df of Google Project\nZero\n\nSiri\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nUIFoundation\nAvailable for: Apple Watch Series 1 and later\nImpact: Parsing a maliciously crafted office document may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8657: riusksk of VulWar Corp working with Trend Micro\u0027s Zero\nDay Initiative\n\nWallet\nAvailable for: Apple Watch Series 1 and later\nImpact: A user may inadvertently complete an in-app purchase while on\nthe lock screen\nDescription: The issue was addressed with improved UI handling. \nCVE-2019-8682: Jeff Braswell (JeffBraswell.com)\n\nWebKit\nAvailable for: Apple Watch Series 1 and later\nImpact: Processing maliciously crafted web content may lead to\nuniversal cross site scripting\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2019-8658: akayn working with Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: Apple Watch Series 1 and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2019-8669: akayn working with Trend Micro\u0027s Zero Day Initiative\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\nCVE-2019-8683: lokihardt of Google Project Zero\nCVE-2019-8684: lokihardt of Google Project Zero\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech,\nKen Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL,\nand Eric Lung (@Khlung1) of VXRL\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\nCVE-2019-8689: lokihardt of Google Project Zero\n\nAdditional recognition\n\nMobileInstallation\nWe would like to acknowledge Dany Lisiansky (@DanyL931) for their\nassistance. \n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/kb/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: kernel security and bug fix update\nAdvisory ID:       RHSA-2019:3187-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2019:3187\nIssue date:        2019-10-23\nCVE Names:         CVE-2019-9506 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.4\nAdvanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.4 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64\n\n3. \n\nSecurity Fix(es):\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)\n(CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)\n\n* powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas:\nFix a potential race between CPU-Offline \u0026 Migration (LPM) (BZ#1745436)\n\n* powerpc/pseries: Fix unitialized timer reset on migration /\npowerpc/pseries/mobility: Extend start/stop topology update scope (LPM)\n(BZ#1745438)\n\n* ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM\n(POWER9/P9) (BZ#1745446)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nppc64le:\nkernel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-headers-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4):\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXbAXitzjgjWX9erEAQh25A/9FrjeF3eVkgGwc/RvTRPF/Qqb44x+l61E\nKceVqzr3avw9TDoiCA8e35ZYwNBvpN6YW/VDiI0vSyj2nQp57xFK48ybhUvXGUKL\nA2dXn793a3ZBKIp4wVVQKyjBsAI31MT/AZDKrzlugszWlV25u/mc2tC4Yndbe+8e\nLbwf2VvKdvtlH26Cadv1UN9YsnmtQuNdGp9NrRbttTCW9rMmHtkoQ/yT4rcS/7Fl\n1tu2j2Yoi0GEG9wXWda7cbpd2jLCcpjwIYnrjRNOuMNVSugRKRcAY1rMwpL5dVpA\nrx2bi3X3HhCpGTgZSJbl9fz2f1J71o9WoUSybaT36Uc50iOs7anoHc82XPGFvkak\nxg+mkIVNkwGxW9pkum8tZANjhDwyGJl0bpS98zkzpNiBqdrGdN4V9qMmhqmEa/lT\nlQ7haJR1rqboIzS5uSpTL/a79blwDjnMNsZ3D+c6xFfjsq8yu1zGfDWBbMdoc1Zo\n3CNT4+pdBr5ASdlE7R3G+8Zx77WSK2MLxRnzzHBF6KphF4LOOUJmefpZ0KQRGkN8\nzOKjvsynVKSzqt++WJrij+U74KL65PZokF8kKSc0yDhgYRaeqK6QIwe+Dbn/YUsn\nRNBi1ZoILHB9nMxbT5OlEVf/0EJl7oD1zINT0n7S8b86gRnfHdMLlvZ1Kcfjs0Sy\nVdo262+aA6k=\n=FkCN\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          },
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506"
          },
          {
            "db": "PACKETSTORM",
            "id": "156058"
          },
          {
            "db": "PACKETSTORM",
            "id": "155005"
          },
          {
            "db": "PACKETSTORM",
            "id": "154779"
          },
          {
            "db": "PACKETSTORM",
            "id": "155017"
          },
          {
            "db": "PACKETSTORM",
            "id": "155004"
          },
          {
            "db": "PACKETSTORM",
            "id": "154936"
          },
          {
            "db": "PACKETSTORM",
            "id": "154740"
          },
          {
            "db": "PACKETSTORM",
            "id": "154056"
          },
          {
            "db": "PACKETSTORM",
            "id": "154949"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-9506",
            "trust": 2.7
          },
          {
            "db": "CERT/CC",
            "id": "VU#918987",
            "trust": 2.6
          },
          {
            "db": "PACKETSTORM",
            "id": "157216",
            "trust": 0.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "156058",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.0141",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1366",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1189",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1366.2",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4346",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4346.2",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4676",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.0262",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.3115",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4252",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.1338",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4584",
            "trust": 0.6
          },
          {
            "db": "LENOVO",
            "id": "LEN-27173",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "155017",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "154949",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "154936",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "155004",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "155005",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "154779",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "154740",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "154056",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506"
          },
          {
            "db": "PACKETSTORM",
            "id": "156058"
          },
          {
            "db": "PACKETSTORM",
            "id": "155005"
          },
          {
            "db": "PACKETSTORM",
            "id": "154779"
          },
          {
            "db": "PACKETSTORM",
            "id": "155017"
          },
          {
            "db": "PACKETSTORM",
            "id": "155004"
          },
          {
            "db": "PACKETSTORM",
            "id": "154936"
          },
          {
            "db": "PACKETSTORM",
            "id": "154740"
          },
          {
            "db": "PACKETSTORM",
            "id": "154056"
          },
          {
            "db": "PACKETSTORM",
            "id": "154949"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          }
        ]
      },
      "id": "VAR-201908-1958",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          }
        ],
        "trust": 0.6336539925
      },
      "last_update_date": "2026-04-10T23:16:47.566000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Bluetooth Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96553"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2019/08/22/cisco_patch_bundle/"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193187 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kpatch-patch security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193231 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20192975 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel-rt security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193165 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193218 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20201460 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193220 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel-rt security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193089 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193055 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel-alt security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193217 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kpatch-patch security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193076 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2019-9506",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2019-9506"
          },
          {
            "title": "Cisco: Key Negotiation of Bluetooth Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190813-bluetooth"
          },
          {
            "title": "HP: HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03634"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20200204 - Security Advisory"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=814c3d5b0bc03fc1c34e62dbc5cf6bf7"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=20bba81176880ee641f9d46354adc125"
          },
          {
            "title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193517 - Security Advisory"
          },
          {
            "title": "Huawei Security Advisories: Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=4da976eef66883f5331725800e5cf063"
          },
          {
            "title": "Red Hat: Important: kernel-rt security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193309 - Security Advisory"
          },
          {
            "title": "Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4147-1"
          },
          {
            "title": "Fortinet Security Advisories: CVE-2019-9506 Encryption Key Negotiation of Bluetooth Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-19-224"
          },
          {
            "title": "Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4115-2"
          },
          {
            "title": "Ubuntu Security Notice: linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4115-1"
          },
          {
            "title": "Ubuntu Security Notice: linux-aws vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4118-1"
          },
          {
            "title": "knob",
            "trust": 0.1,
            "url": "https://github.com/francozappa/knob "
          },
          {
            "title": "bluetooth-KNOB",
            "trust": 0.1,
            "url": "https://github.com/u10427687/bluetooth-KNOB "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/makaubenson/Fix-BT-Ubuntu "
          },
          {
            "title": "broadcom-bt-firmware",
            "trust": 0.1,
            "url": "https://github.com/winterheart/broadcom-bt-firmware "
          },
          {
            "title": "broadcom-bt-firmware",
            "trust": 0.1,
            "url": "https://github.com/AlexandrBing/broadcom-bt-firmware "
          },
          {
            "title": "Protocol-Vul",
            "trust": 0.1,
            "url": "https://github.com/WinMin/Protocol-Vul "
          },
          {
            "title": "awesome-bluetooth-security",
            "trust": 0.1,
            "url": "https://github.com/engn33r/awesome-bluetooth-security "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
          },
          {
            "title": "PoC-in-GitHub",
            "trust": 0.1,
            "url": "https://github.com/developer3000S/PoC-in-GitHub "
          },
          {
            "title": "CVE-POC",
            "trust": 0.1,
            "url": "https://github.com/0xT11/CVE-POC "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
          },
          {
            "title": "PoC-in-GitHub",
            "trust": 0.1,
            "url": "https://github.com/hectorgie/PoC-in-GitHub "
          },
          {
            "title": "PoC-in-GitHub",
            "trust": 0.1,
            "url": "https://github.com/nomi-sec/PoC-in-GitHub "
          },
          {
            "title": "Symantec Threat Intelligence Blog",
            "trust": 0.1,
            "url": "https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-august-2019"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/cisco-patches-six-critical-bugs/147585/"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/lenovo-warns-bugs-thinkpads/147338/"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/wormable-remote-desktop-bugs-august-patch-tuesday/147302/"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-traffic/"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-connections/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2019-9506"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-310",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-327",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "https://access.redhat.com/errata/rhsa-2020:0204"
          },
          {
            "trust": 2.0,
            "url": "https://access.redhat.com/errata/rhsa-2019:3187"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2019:2975"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2019:3165"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2019:3217"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2019:3218"
          },
          {
            "trust": 1.9,
            "url": "https://access.redhat.com/errata/rhsa-2019:3231"
          },
          {
            "trust": 1.8,
            "url": "https://www.kb.cert.org/vuls/id/918987/"
          },
          {
            "trust": 1.8,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
          },
          {
            "trust": 1.8,
            "url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
          },
          {
            "trust": 1.8,
            "url": "http://seclists.org/fulldisclosure/2019/aug/11"
          },
          {
            "trust": 1.8,
            "url": "http://seclists.org/fulldisclosure/2019/aug/13"
          },
          {
            "trust": 1.8,
            "url": "http://seclists.org/fulldisclosure/2019/aug/14"
          },
          {
            "trust": 1.8,
            "url": "http://seclists.org/fulldisclosure/2019/aug/15"
          },
          {
            "trust": 1.8,
            "url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
          },
          {
            "trust": 1.8,
            "url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
          },
          {
            "trust": 1.8,
            "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
          },
          {
            "trust": 1.8,
            "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
          },
          {
            "trust": 1.8,
            "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3055"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3076"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3089"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3220"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3309"
          },
          {
            "trust": 1.8,
            "url": "https://access.redhat.com/errata/rhsa-2019:3517"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
          },
          {
            "trust": 1.8,
            "url": "https://usn.ubuntu.com/4115-1/"
          },
          {
            "trust": 1.8,
            "url": "https://usn.ubuntu.com/4118-1/"
          },
          {
            "trust": 1.8,
            "url": "https://usn.ubuntu.com/4147-1/"
          },
          {
            "trust": 1.6,
            "url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth"
          },
          {
            "trust": 1.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9506"
          },
          {
            "trust": 0.9,
            "url": "https://github.com/francozappa/knob"
          },
          {
            "trust": 0.8,
            "url": "https://www.bluetooth.com/specifications/adopted-specifications"
          },
          {
            "trust": 0.8,
            "url": "https://www.usenix.org/system/files/sec19-antonioli.pdf"
          },
          {
            "trust": 0.8,
            "url": "https://www.icasi.org/br-edr-encryption-key-bluetooth-vulnerability/"
          },
          {
            "trust": 0.8,
            "url": "http://support.blackberry.com/kb/articledetail?articlenumber=000057251"
          },
          {
            "trust": 0.7,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190813-bluetooth"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.7,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.7,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/cve/cve-2019-9506"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193294-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/157216/red-hat-security-advisory-2020-1460-01.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1338/"
          },
          {
            "trust": 0.6,
            "url": "https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2019-9506"
          },
          {
            "trust": 0.6,
            "url": "https://support.lenovo.com/us/en/product_security/len-27173"
          },
          {
            "trust": 0.6,
            "url": "https://support.apple.com/en-us/ht210353"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4676/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4346/"
          },
          {
            "trust": 0.6,
            "url": "https://support.apple.com/en-us/ht210346"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4252/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4584/"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190828-01-knob-cn"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.0141/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.0262/"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/156058/red-hat-security-advisory-2020-0204-01.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.3115/"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/bluetooth-br-edr-information-disclosure-via-key-negotiation-30041"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4346.2/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1189/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1366/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.1366.2/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/327.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.kb.cert.org/vuls/id/918987"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5489"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0154"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-0154"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12207"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-16884"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-11135"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-14821"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0155"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-0155"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14821"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-14901"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-5489"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14816"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14901"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10126"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/vulnerabilities/ifu-page-mce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3900"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-12207"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-14816"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11135"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-16884"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-3900"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-10126"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-11810"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11810"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-9500"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20856"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-10902"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9500"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10902"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-20856"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-1125"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-1125"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/4329821"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15223"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15538"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/4147-1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15118"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10207"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15221"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15090"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15217"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13631"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15925"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15117"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15220"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15211"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15926"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15218"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15215"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0136"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15212"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8659"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht204641"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-16860"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8669"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8646"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8688"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13118"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8672"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8658"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8648"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8641"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8647"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8684"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8683"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8624"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8682"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8665"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8660"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8657"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8689"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8676"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8685"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8662"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506"
          },
          {
            "db": "PACKETSTORM",
            "id": "156058"
          },
          {
            "db": "PACKETSTORM",
            "id": "155005"
          },
          {
            "db": "PACKETSTORM",
            "id": "154779"
          },
          {
            "db": "PACKETSTORM",
            "id": "155017"
          },
          {
            "db": "PACKETSTORM",
            "id": "155004"
          },
          {
            "db": "PACKETSTORM",
            "id": "154936"
          },
          {
            "db": "PACKETSTORM",
            "id": "154740"
          },
          {
            "db": "PACKETSTORM",
            "id": "154056"
          },
          {
            "db": "PACKETSTORM",
            "id": "154949"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#918987",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-160941",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-9506",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "156058",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "155005",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "154779",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "155017",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "155004",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "154936",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "154740",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "154056",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "154949",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2019-9506",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2019-08-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#918987",
            "ident": null
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-160941",
            "ident": null
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-9506",
            "ident": null
          },
          {
            "date": "2020-01-23T00:26:55",
            "db": "PACKETSTORM",
            "id": "156058",
            "ident": null
          },
          {
            "date": "2019-10-29T14:49:28",
            "db": "PACKETSTORM",
            "id": "155005",
            "ident": null
          },
          {
            "date": "2019-10-08T20:44:06",
            "db": "PACKETSTORM",
            "id": "154779",
            "ident": null
          },
          {
            "date": "2019-10-29T14:59:12",
            "db": "PACKETSTORM",
            "id": "155017",
            "ident": null
          },
          {
            "date": "2019-10-29T14:48:28",
            "db": "PACKETSTORM",
            "id": "155004",
            "ident": null
          },
          {
            "date": "2019-10-22T17:27:00",
            "db": "PACKETSTORM",
            "id": "154936",
            "ident": null
          },
          {
            "date": "2019-10-05T14:13:57",
            "db": "PACKETSTORM",
            "id": "154740",
            "ident": null
          },
          {
            "date": "2019-08-14T20:32:22",
            "db": "PACKETSTORM",
            "id": "154056",
            "ident": null
          },
          {
            "date": "2019-10-23T18:29:02",
            "db": "PACKETSTORM",
            "id": "154949",
            "ident": null
          },
          {
            "date": "2019-08-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-864",
            "ident": null
          },
          {
            "date": "2019-08-14T17:15:11.597000",
            "db": "NVD",
            "id": "CVE-2019-9506",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2020-05-15T00:00:00",
            "db": "CERT/CC",
            "id": "VU#918987",
            "ident": null
          },
          {
            "date": "2021-11-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-160941",
            "ident": null
          },
          {
            "date": "2021-11-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-9506",
            "ident": null
          },
          {
            "date": "2021-11-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-864",
            "ident": null
          },
          {
            "date": "2024-11-21T04:51:45.113000",
            "db": "NVD",
            "id": "CVE-2019-9506",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#918987"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-864"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202008-1252

    Vulnerability from variot - Updated: 2025-01-19 23:30

    There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)

    This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081. Mate 20 firmware, P30 firmware, P30 Pro firmware etc. Huawei The product contains an incorrect authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1252",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "princeton-al10d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c01e160r2p8\\)"
          },
          {
            "model": "yalep-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r8p12\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c01e160r2p8\\)"
          },
          {
            "model": "yale-al50a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.88\\(c00e88r8p1\\)"
          },
          {
            "model": "yale-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r8p12\\)"
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "princeton-al10d",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "yale-al50a",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "yalep-al10b",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "yale-al00a",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "cve": "CVE-2020-9081",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "psirt@huawei.com",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9081",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9081",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9081",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "psirt@huawei.com",
                "id": "CVE-2020-9081",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9081",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9081",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202008-1321",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144)\n\n\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081. Mate 20 firmware, P30 firmware, P30 Pro firmware etc. Huawei The product contains an incorrect authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9081",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "id": "VAR-202008-1252",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.579064925
      },
      "last_update_date": "2025-01-19T23:30:55.116000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Huawei product security vulnerabilities repair measures",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126964"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-285",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-863",
            "trust": 1.0
          },
          {
            "problemtype": "Inappropriate authorization (CWE-285) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Illegal authentication (CWE-863) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200826-15-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9081"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200826-15-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-01-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "date": "2020-08-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "date": "2024-12-27T10:15:10.937000",
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-01-16T09:13:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          },
          {
            "date": "2021-01-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          },
          {
            "date": "2025-01-10T20:37:44.267000",
            "db": "NVD",
            "id": "CVE-2020-9081"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Fraudulent Authentication Vulnerability in Products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-018356"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-1321"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201906-0114

    Vulnerability from variot - Updated: 2024-11-23 23:11

    Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read vulnerability. An attacker with a high permission runs some specific commands on the smartphone. Due to insufficient input verification, successful exploit may cause out-of-bounds read of the memory and the system abnormal. Huawei Mate20 Smartphones contain a vulnerability related to out-of-bounds reading.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiMate20 is a smartphone from China's Huawei company. The vulnerability stems from a failure to adequately verify user input that could allow an attacker to cause a device exception

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0114",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "hma-al00c00b175"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "hma-al00c00b175"
          },
          {
            "model": "mate20 \u003chma-al00c00b175",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5296"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei internal testing",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201902-789"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5296",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 1.7,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.1,
                "id": "CVE-2019-5296",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2019-04937",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.3,
                "id": "CVE-2019-5296",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5296",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5296",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-04937",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201902-789",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201902-789"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5296"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read vulnerability. An attacker with a high permission runs some specific commands on the smartphone. Due to insufficient input verification, successful exploit may cause out-of-bounds read of the memory and the system abnormal. Huawei Mate20 Smartphones contain a vulnerability related to out-of-bounds reading.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiMate20 is a smartphone from China\u0027s Huawei company. The vulnerability stems from a failure to adequately verify user input that could allow an attacker to cause a device exception",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5296",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04937",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201902-789",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201902-789"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5296"
          }
        ]
      },
      "id": "VAR-201906-0114",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          }
        ],
        "trust": 1.35
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:51.674000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190220-01-phone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-phone-en"
          },
          {
            "title": "HuaweiMate20 Buffer Overflow Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/154133"
          },
          {
            "title": "Huawei Mate20 Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89584"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201902-789"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5296"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190220-01-phone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5296"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5296"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190220-01-phone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201902-789"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5296"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201902-789"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5296"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-02-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          },
          {
            "date": "2019-06-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          },
          {
            "date": "2019-02-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201902-789"
          },
          {
            "date": "2019-06-04T18:29:00.910000",
            "db": "NVD",
            "id": "CVE-2019-5296"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-02-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-04937"
          },
          {
            "date": "2019-06-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          },
          {
            "date": "2019-06-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201902-789"
          },
          {
            "date": "2024-11-21T04:44:41.633000",
            "db": "NVD",
            "id": "CVE-2019-5296"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei Mate20 Smartphone out-of-bounds vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-005141"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201902-789"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-0830

    Vulnerability from variot - Updated: 2024-11-23 23:11

    P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution. Huawei P30 and others are all smartphones of China's Huawei company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0830",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "vogue-al00a_9.1.0.193\\(c00e190r1p12\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "hima-al00b_9.1.0.135\\(c00e200r2p1\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.193\\(c00e190r1p21\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "hima-al00b 9.1.0.135(c00e200r2p1)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "vogue-al00a 9.1.0.193(c00e190r1p12)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "elle-al00b 9.1.0.193(c00e190r1p21)"
          },
          {
            "model": "p30 \u003celle-al00b 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003cvogue-al00a 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate \u003chima-al00b 9.1.0.135",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vulnerability was discovered by an external researcher.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5225",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-5225",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 1.9,
                "id": "CNVD-2019-41838",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-5225",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-5225",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5225",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5225",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-41838",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-1747",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution. Huawei P30 and others are all smartphones of China\u0027s Huawei company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5225",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "id": "VAR-201911-0830",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          }
        ],
        "trust": 1.4316259699999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:37.914000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190821-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei P30, Mate 20, and P30 Pro Buffer Overflow Vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/191711"
          },
          {
            "title": "Huawei P30 , Mate 20  and P30 Pro Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97331"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190821-02-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5225"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190821-02-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5225"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "date": "2019-12-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "date": "2019-08-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "date": "2019-11-29T20:15:11.753000",
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-41838"
          },
          {
            "date": "2019-12-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          },
          {
            "date": "2019-12-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          },
          {
            "date": "2024-11-21T04:44:33.507000",
            "db": "NVD",
            "id": "CVE-2019-5225"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural Classic Buffer Overflow Vulnerability in Smartphone Products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012618"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1747"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201912-0803

    Vulnerability from variot - Updated: 2024-11-23 23:11

    There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. plural Huawei Smartphone products contain a paste traversal vulnerability.Information may be obtained. Huawei P30 and other products are products of China's Huawei. The Huawei P30 is a smartphone. Huawei P30 Pro is a smartphone. Huawei M6 is a tablet. The vulnerability stems from the system's failure to adequately verify the path name from an application. information

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201912-0803",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "enjoy 7s",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.130\\(c00e115r2p8t8\\)"
          },
          {
            "model": "honor v10",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "model": "m6",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1.150\\(c00e150r1p150\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.139\\(c00e133r3p1\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.226\\(c00e210r2p1\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.226\\(c00e220r2p1\\)"
          },
          {
            "model": "honor 9 lite",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.143\\(c636e5r1p5t8\\)"
          },
          {
            "model": "honor 9i",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.120\\(c00e113r1p6t8\\)"
          },
          {
            "model": "honor 20s",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1.132\\(c00e131r6p1\\)"
          },
          {
            "model": "honor 9 lite",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.130\\(c00e112r2p10t8\\)"
          },
          {
            "model": "enjoy 7s",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 20s",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 9 lite",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 9i",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 10",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "m6",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor \u003c9.1.0.333",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "v10"
          },
          {
            "model": "p30 \u003c9.1.0.226",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "enjoy 7s",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.130"
          },
          {
            "model": "mate \u003c9.1.0.139",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "honor lite \u003c9.1.0.130",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9"
          },
          {
            "model": "honor lite \u003c9.1.0.143",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9"
          },
          {
            "model": "honor 9i \u003c9.1.0.120",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "m6 \u003c9.1.1.150",
            "scope": null,
            "trust": 0.6,
            "vendor": "ibaby",
            "version": null
          },
          {
            "model": "p30 pro \u003c9.1.0.226",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 20s \u003c9.1.1.132",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:enjoy_7s_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:honor_20s_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:honor_9_lite_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:honor_9i_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:honor_10_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:m6_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vulnerability was discovered by an external researcher. Huawei thanks the researcher for cooperating with us to disclose the vulnerability to protect Huawei\u0027s customers.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5251",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-5251",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-02966",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-5251",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-5251",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5251",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5251",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-02966",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201912-175",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. plural Huawei Smartphone products contain a paste traversal vulnerability.Information may be obtained. Huawei P30 and other products are products of China\u0027s Huawei. The Huawei P30 is a smartphone. Huawei P30 Pro is a smartphone. Huawei M6 is a tablet. The vulnerability stems from the system\u0027s failure to adequately verify the path name from an application. information",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5251",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "id": "VAR-201912-0803",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          }
        ],
        "trust": 1.281329055
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:36.711000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20191204-03-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
          },
          {
            "title": "Patch for Multiple Huawei Product Path Traversal Vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/197281"
          },
          {
            "title": "Multiple Huawei Product path traversal vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103979"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5251"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5251"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191204-03-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "date": "2019-12-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "date": "2019-12-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "date": "2019-12-13T15:15:11.317000",
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-02966"
          },
          {
            "date": "2019-12-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          },
          {
            "date": "2020-09-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          },
          {
            "date": "2024-11-21T04:44:36.387000",
            "db": "NVD",
            "id": "CVE-2019-5251"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Vulnerability of past traversal in smartphone products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-013191"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "path traversal",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201912-175"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202010-1173

    Vulnerability from variot - Updated: 2024-11-23 23:11

    There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11). plural Huawei Smartphone products contain vulnerabilities related to inadequate verification of data reliability.Information may be obtained. Huawei P30 Pro, etc. are all smart phones of China's Huawei (Huawei) company. The vulnerability stems from insufficient verification of the identity of the smart wearable device in a specific scenario. The attacker needs to obtain specific information in the victim's mobile phone before launching an attack

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202010-1173",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate \u003c10.1.0.160",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate \u003c10.1.0.160",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": "20x"
          },
          {
            "model": "tony-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c01e160r2p8\\)"
          },
          {
            "model": "tony-tl00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c01e160r2p11\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c01e160r2p8\\)"
          },
          {
            "model": "laya-al00ep",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c786e160r3p8\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "laya-al00ep",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 x",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "tony-al00b",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "tony-tl00b",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "laya-al00ep \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "tony-al00b \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "tony-tl00b \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9109"
          }
        ]
      },
      "cve": "CVE-2020-9109",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 1.9,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.4,
                "id": "CVE-2020-9109",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-68354",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9109",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9109",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9109",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9109",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-68354",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202009-1687",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-9109",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9109"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-1687"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9109"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim\u0027s smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11). plural Huawei Smartphone products contain vulnerabilities related to inadequate verification of data reliability.Information may be obtained. Huawei P30 Pro, etc. are all smart phones of China\u0027s Huawei (Huawei) company. The vulnerability stems from insufficient verification of the identity of the smart wearable device in a specific scenario. The attacker needs to obtain specific information in the victim\u0027s mobile phone before launching an attack",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9109"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9109"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9109",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012335",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-68354",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-1687",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9109",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9109"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-1687"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9109"
          }
        ]
      },
      "id": "VAR-202010-1173",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          }
        ],
        "trust": 1.0955000125
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:15.887000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200930-01-dos",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en"
          },
          {
            "title": "Patch for Information Disclosure Vulnerabilities in Multiple Huawei Products (CNVD-2020-68354)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/241534"
          },
          {
            "title": "HUAWEI Mate 20  and HUAWEI Mate 20 X  and HUAWEI P30 Pro  and HUAWEI Mate 20 RS And glory Magic2 Repair measures for data forgery problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131165"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-1687"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.0
          },
          {
            "problemtype": "Inadequate verification of data reliability (CWE-345) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9109"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-dos-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9109"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200930-01-dos-cn"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/345.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189257"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9109"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-1687"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9109"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9109"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-1687"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9109"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-12-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          },
          {
            "date": "2020-10-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9109"
          },
          {
            "date": "2021-04-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          },
          {
            "date": "2020-09-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202009-1687"
          },
          {
            "date": "2020-10-12T14:15:14.340000",
            "db": "NVD",
            "id": "CVE-2020-9109"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-12-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-68354"
          },
          {
            "date": "2020-10-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9109"
          },
          {
            "date": "2021-04-30T07:13:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          },
          {
            "date": "2020-10-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202009-1687"
          },
          {
            "date": "2024-11-21T05:40:03.407000",
            "db": "NVD",
            "id": "CVE-2020-9109"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Insufficient verification vulnerability in data reliability in smartphone products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012335"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "data forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-1687"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201812-0944

    Vulnerability from variot - Updated: 2024-11-23 23:08

    Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information. plural Huawei In product Contains an access control vulnerability.Information may be obtained. Huawei VIP App is a pre-installed membership service application for mobile phones of China Huawei (Huawei)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0944",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "vip app",
            "scope": "lt",
            "trust": 1.8,
            "vendor": "huawei",
            "version": "4.0.5"
          },
          {
            "model": "nova 3i",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "nova 3",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "nova 3",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "nova 3i",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7956"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:huawei:vip_app",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:nova_3_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:nova_3i_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          }
        ]
      },
      "cve": "CVE-2018-7956",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-7956",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-137988",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-7956",
                "impactScore": 1.4,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-7956",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2018-7956",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201811-914",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-137988",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137988"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-914"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7956"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information. plural Huawei In product Contains an access control vulnerability.Information may be obtained. Huawei VIP App is a pre-installed membership service application for mobile phones of China Huawei (Huawei)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7956"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          },
          {
            "db": "VULHUB",
            "id": "VHN-137988"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7956",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-914",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-137988",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137988"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-914"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7956"
          }
        ]
      },
      "id": "VAR-201812-0944",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137988"
          }
        ],
        "trust": 0.56363637
      },
      "last_update_date": "2024-11-23T23:08:32.125000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20181129-01-huaweivip-en",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-en"
          },
          {
            "title": "Huawei VIP App Repair measures for information disclosure vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87337"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-914"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137988"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7956"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7956"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7956"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-cn"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-137988"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-914"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7956"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-137988"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-914"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7956"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-12-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137988"
          },
          {
            "date": "2019-03-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          },
          {
            "date": "2018-11-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201811-914"
          },
          {
            "date": "2018-12-04T18:29:00.310000",
            "db": "NVD",
            "id": "CVE-2018-7956"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-137988"
          },
          {
            "date": "2019-03-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          },
          {
            "date": "2022-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201811-914"
          },
          {
            "date": "2024-11-21T04:13:00.997000",
            "db": "NVD",
            "id": "CVE-2018-7956"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-914"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei In product Access control vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014330"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201811-914"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201907-0268

    Vulnerability from variot - Updated: 2024-11-23 23:01

    There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected products: Mate 20 X, versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2). Huawei Mate 20 is a smartphone from China's Huawei company. The vulnerability stems from insufficient system validation

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201907-0268",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "honor magic 2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "tony-al00b\\/tony-tl00b_9.0.0.182\\(c00e180r2p2\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "ever-al00b_9.0.0.200\\(c00e200r2p1\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "hima-al00b\\/hima-tl00b_9.0.0.200\\(c00e200r2p1\\)"
          },
          {
            "model": "honor magic 2",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "tony-al00b/tony-tl00b 9.0.0.182(c00e180r2p2)"
          },
          {
            "model": "mate 20 x",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "ever-al00b 9.0.0.200(c00e200r2p1)"
          },
          {
            "model": "mate 20",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "hima-al00b/hima-tl00b 9.0.0.200(c00e200r2p1)"
          },
          {
            "model": "mate \u003cever-al00b 9.0.0.200",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20x"
          },
          {
            "model": "mate \u003chima-al00b/hima-tl00b 9.0.0.200",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20x"
          },
          {
            "model": "honor magic \u003ctony-al00b/tony-tl00b 9.0.0.182",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "2"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5220"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:honor_magic_2_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_x_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vulnerability was discovered by Huawei internal testing.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1047"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5220",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-5220",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2019-25751",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-5220",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5220",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5220",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-25751",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201906-1047",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1047"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5220"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected products: Mate 20 X, versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2). Huawei Mate 20 is a smartphone from China\u0027s Huawei company. The vulnerability stems from insufficient system validation",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5220",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-25751",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1047",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1047"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5220"
          }
        ]
      },
      "id": "VAR-201907-0268",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          }
        ],
        "trust": 1.5125
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:48.486000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190626-01-frp",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190626-01-frp-en"
          },
          {
            "title": "Huawei Mate 20 X, Mate 20 and Honor Magic 2 security bypass vulnerability patches",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/173069"
          },
          {
            "title": "Huawei Mate 20 X , Mate 20  and Honor Magic 2 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94174"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1047"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-863",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-275",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5220"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190626-01-frp-cn"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190626-01-frp-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5220"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5220"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1047"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5220"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1047"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5220"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          },
          {
            "date": "2019-07-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          },
          {
            "date": "2019-06-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-1047"
          },
          {
            "date": "2019-07-10T18:15:11.067000",
            "db": "NVD",
            "id": "CVE-2019-5220"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-25751"
          },
          {
            "date": "2019-07-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201906-1047"
          },
          {
            "date": "2024-11-21T04:44:32.850000",
            "db": "NVD",
            "id": "CVE-2019-5220"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Product permission vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-006517"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201906-1047"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202009-1319

    Vulnerability from variot - Updated: 2024-11-23 23:01

    HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of service (DoS) vulnerability. The attacker can enter a large amount of text on the phone. Due to insufficient verification of the parameter, successful exploitation can impact the service. Huawei Mate 20 is a smartphone launched by Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202009-1319",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.163\\(c00e160r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.163 (c00e160r3p8)"
          },
          {
            "model": "mate \u003c10.1.0.163",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9083"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          }
        ]
      },
      "cve": "CVE-2020-9083",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9083",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-010546",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-52403",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "LOW",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9083",
                "impactScore": 1.4,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "Low",
                "baseScore": 2.4,
                "baseSeverity": "Low",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-010546",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9083",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-010546",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-52403",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202009-250",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-250"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9083"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of service (DoS) vulnerability. The attacker can enter a large amount of text on the phone. Due to insufficient verification of the parameter, successful exploitation can impact the service. Huawei Mate 20 is a smartphone launched by Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9083"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9083",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52403",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "48891",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-250",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-250"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9083"
          }
        ]
      },
      "id": "VAR-202009-1319",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          }
        ],
        "trust": 1.26765326
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:14.153000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200902-03-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-03-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 denial of service vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/234322"
          },
          {
            "title": "HUAWEI Mate 20 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=127983"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-250"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-20",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9083"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9083"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-03-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-9083"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/48891"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-250"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9083"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-250"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9083"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          },
          {
            "date": "2021-01-27T02:27:22",
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          },
          {
            "date": "2020-09-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202009-250"
          },
          {
            "date": "2020-09-03T19:15:12.353000",
            "db": "NVD",
            "id": "CVE-2020-9083"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52403"
          },
          {
            "date": "2021-01-27T02:27:22",
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          },
          {
            "date": "2022-03-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202009-250"
          },
          {
            "date": "2024-11-21T05:39:59.550000",
            "db": "NVD",
            "id": "CVE-2020-9083"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 Input verification vulnerabilities on smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-010546"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-250"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202008-1048

    Vulnerability from variot - Updated: 2024-11-23 22:58

    HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged. plural Huawei There is an authentication vulnerability in smartphones.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put in a state. Huawei Mate 20, Mate 20 Pro, Mate 20 X and Mate 20 RS are all smart phones of China's Huawei (Huawei) company.

    There are security vulnerabilities in many Huawei products, which are caused by the program's failure to correctly sign encrypted files. Attackers can use this vulnerability to forge files

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1048",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate pro \u003c10.1.0.270",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "honor v20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e62r2p11\\)"
          },
          {
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.194\\(c00e62r8p12\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "honor 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.175\\(c00e58r4p11\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r3p8\\)"
          },
          {
            "model": "mate 20 rs",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c786e160r3p8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.270\\(c431e7r1p5\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.273\\(c636e7r2p4\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "honor magic 2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.187\\(c00e61r2p11\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.270\\(c635e3r1p5\\)"
          },
          {
            "model": "honor 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 20 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor magic 2",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor v20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 rs",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 x",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate \u003c10.1.0.160",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate pro \u003c10.1.0.273",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate \u003c10.1.0.160",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20x"
          },
          {
            "model": "p30 \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate rs \u003c10.1.0.160",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "honormagic \u003c10.0.0.187",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "2"
          },
          {
            "model": "honor \u003c10.0.0.175",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "honor pro \u003c10.0.0.194",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "honorv20 \u003c10.0.0.188",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "cve": "CVE-2020-9244",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9244",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-46459",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9244",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9244",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9244",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9244",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-46459",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202008-580",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged. plural Huawei There is an authentication vulnerability in smartphones.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put in a state. Huawei Mate 20, Mate 20 Pro, Mate 20 X and Mate 20 RS are all smart phones of China\u0027s Huawei (Huawei) company. \n\r\n\r\nThere are security vulnerabilities in many Huawei products, which are caused by the program\u0027s failure to correctly sign encrypted files. Attackers can use this vulnerability to forge files",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9244",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "id": "VAR-202008-1048",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          }
        ],
        "trust": 1.2862094863636364
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:10.110000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200805-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
          },
          {
            "title": "Patch for Incorrect authentication vulnerabilities in multiple Huawei products",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/230800"
          },
          {
            "title": "Multiple Huawei Product Authorization Issue Vulnerability Fixing Measures",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126447"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Improper authentication (CWE-287) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9244"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200805-02-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "date": "2020-10-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "date": "2020-08-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "date": "2020-08-11T19:15:17.687000",
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-46459"
          },
          {
            "date": "2020-10-26T08:31:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          },
          {
            "date": "2021-01-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          },
          {
            "date": "2024-11-21T05:40:15.390000",
            "db": "NVD",
            "id": "CVE-2020-9244"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009253"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-580"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202007-1264

    Vulnerability from variot - Updated: 2024-11-23 22:55

    HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C00E160R2P11) have a path traversal vulnerability. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path. plural Huawei A past traversal vulnerability exists in smartphones.Information may be tampered with. Huawei Mate 20 and others are all smart phones of China's Huawei (Huawei) company.

    There are security vulnerabilities in many Huawei products. The vulnerability is caused by the program's failure to correctly verify the path name of the process

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202007-1264",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "magic2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.135\\(c00e135r2p8\\)"
          },
          {
            "model": "mate 20 rs",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c786e160r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r3p8\\)"
          },
          {
            "model": "magic 2",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.160(c00e160r2p11)"
          },
          {
            "model": "mate 20 rs",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.160(c786e160r3p8)"
          },
          {
            "model": "mate 20 x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.135(c00e135r2p8)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.1.0.160(c00e160r3p8)"
          },
          {
            "model": "mate \u003c10.1.0.160",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate pro \u003c10.1.0.277",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate \u003c10.1.0.135",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20x"
          },
          {
            "model": "mate rs porsche design",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20\u003c10.1.0.160"
          },
          {
            "model": "honor magic2 \u003c10.1.0.160",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9252"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:magic2_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_rs_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_x_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          }
        ]
      },
      "cve": "CVE-2020-9252",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9252",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-008289",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-52401",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.8,
                "id": "CVE-2020-9252",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.3,
                "baseSeverity": "Low",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-008289",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9252",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-008289",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-52401",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-1112",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1112"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9252"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C00E160R2P11) have a path traversal vulnerability. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path. plural Huawei A past traversal vulnerability exists in smartphones.Information may be tampered with. Huawei Mate 20 and others are all smart phones of China\u0027s Huawei (Huawei) company. \n\r\n\r\nThere are security vulnerabilities in many Huawei products. The vulnerability is caused by the program\u0027s failure to correctly verify the path name of the process",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9252"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9252",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52401",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1112",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1112"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9252"
          }
        ]
      },
      "id": "VAR-202007-1264",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          }
        ],
        "trust": 1.3050634149999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:55:06.327000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200715-07-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-07-smartphone-en"
          },
          {
            "title": "Patch for Path traversal vulnerabilities in multiple Huawei products",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/234337"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9252"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-07-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9252"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9252"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200715-07-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1112"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9252"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1112"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9252"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          },
          {
            "date": "2020-09-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          },
          {
            "date": "2020-07-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1112"
          },
          {
            "date": "2020-07-17T23:15:11.537000",
            "db": "NVD",
            "id": "CVE-2020-9252"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52401"
          },
          {
            "date": "2020-09-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          },
          {
            "date": "2021-01-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1112"
          },
          {
            "date": "2024-11-21T05:40:16.590000",
            "db": "NVD",
            "id": "CVE-2020-9252"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1112"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Path traversal vulnerability in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-008289"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "path traversal",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1112"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202002-0214

    Vulnerability from variot - Updated: 2024-11-23 22:51

    In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715. Android contains a calculation error vulnerability. This vulnerability is Android ID: A-143894715 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0214",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "google",
            "version": "8.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "google",
            "version": "8.1"
          },
          {
            "model": "honor 8a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.291\\(c185e3r4p1\\)"
          },
          {
            "model": "mate 30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c00e74r3p8\\)"
          },
          {
            "model": "p20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.162\\(c00e156r1p4\\)"
          },
          {
            "model": "mate 30 pro 5g",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "honor view 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c636e3r4p3\\)"
          },
          {
            "model": "p smart",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.193\\(c605e6r1p5t8\\)"
          },
          {
            "model": "honor 8x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.183\\(c185e2r6p1\\)"
          },
          {
            "model": "y6 pro 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.290\\(c636e5r3p1\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c00e74r2p8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.196\\(c185e7r2p4\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.190\\(c432e22r2p5\\)"
          },
          {
            "model": "nova 3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.338\\(c00e333r1p1t8\\)"
          },
          {
            "model": "y9 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.264\\(c185e2r5p1t8\\)"
          },
          {
            "model": "mate 30 5g",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "p20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.162\\(c00e156r1p4\\)"
          },
          {
            "model": "p smart 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.180\\(c185e3r4p1\\)"
          },
          {
            "model": "y6 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.290\\(c185e5r4p1\\)"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "google",
            "version": "9.0"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(c00e85r2p8\\)"
          },
          {
            "model": "nova lite 3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.322\\(c635e8r2p2\\)"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "google",
            "version": "10.0"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": null
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": "9"
          },
          {
            "model": "android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": "10"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "nu11secur1ty",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-0022",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2020-0022",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-0022",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-0022",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-0022",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2020-0022",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-0022",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202002-366",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-0022",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715. Android contains a calculation error vulnerability. This vulnerability is Android ID: A-143894715 It is published as.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-0022",
            "trust": 3.3
          },
          {
            "db": "PACKETSTORM",
            "id": "156891",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993",
            "trust": 0.8
          },
          {
            "db": "NSFOCUS",
            "id": "45798",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "49115",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-0022",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "id": "VAR-202002-0214",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.538734306
      },
      "last_update_date": "2024-11-23T22:51:30.464000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Android\u00a0 Public information about security \u00a0-\u00a02020\u00a0 Year \u00a02\u00a0 Moon",
            "trust": 0.8,
            "url": "https://source.android.com/security/bulletin/2020-02-01"
          },
          {
            "title": "Android Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110484"
          },
          {
            "title": "Huawei Security Advisories: Security Advisory - Integer Overflow Vulnerability in Android affects Several Huawei Smartphones",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=5ecb6a3686ddfa79c27cc2c950827f9f"
          },
          {
            "title": "CVE-2020-0022\nUpdate 1\nUpdate 2",
            "trust": 0.1,
            "url": "https://github.com/marcinguy/CVE-2020-0022 "
          },
          {
            "title": "https://github.com/Polo35/CVE-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/Polo35/CVE-2020-0022 "
          },
          {
            "title": "Bluefrag_CVE-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/k3vinlusec/Bluefrag_CVE-2020-0022 "
          },
          {
            "title": "cve-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/devdanqtuan/poc-for-cve-2020-0022 "
          },
          {
            "title": "cve-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/leommxj/cve-2020-0022 "
          },
          {
            "title": "AndroidBlueFragCVE",
            "trust": 0.1,
            "url": "https://github.com/sharif-dev/AndroidBlueFragCVE "
          },
          {
            "title": "cve-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/5k1l/cve-2020-0022 "
          },
          {
            "title": "CVE-2020-0022",
            "trust": 0.1,
            "url": "https://github.com/themmokhtar/CVE-2020-0022 "
          },
          {
            "title": "CVE-2020-14292: A bluetooth transport issue in COVIDSafe App",
            "trust": 0.1,
            "url": "https://github.com/alwentiu/CVE-2020-14292 "
          },
          {
            "title": "https://github.com/seemoo-lab/frankenstein",
            "trust": 0.1,
            "url": "https://github.com/seemoo-lab/frankenstein "
          },
          {
            "title": "Protocol-Vulnerability\nRelated Resources\nContributors",
            "trust": 0.1,
            "url": "https://github.com/WinMin/Protocol-Vul "
          },
          {
            "title": "\u7b80\u4ecb\n\u5b89\u88c5\n\u4f7f\u7528\nhttpserver\u63a5\u53e3",
            "trust": 0.1,
            "url": "https://github.com/he1m4n6a/cve-db "
          },
          {
            "title": "Awesome Bluetooth Security (BR, EDR, LE, and Mesh)",
            "trust": 0.1,
            "url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
          },
          {
            "title": "Awesome Bluetooth Security (BR, EDR, LE, and Mesh)",
            "trust": 0.1,
            "url": "https://github.com/engn33r/awesome-bluetooth-security "
          },
          {
            "title": "\u6240\u6709\u6536\u96c6\u7c7b\u9879\u76ee\nAndroid\n\u76ee\u5f55\n\u8d44\u6e90\u6536\u96c6\n\u77e5\u540d\u5206\u6790\u5de5\u5177\n\u5404\u7c7bApp\nTopic\n\u5176\u4ed6\n\u5de5\u5177\n\u6587\u7ae0\n\u8d21\u732e",
            "trust": 0.1,
            "url": "https://github.com/alphaSeclab/android-security "
          },
          {
            "title": "OPSEC-Hall-of-fame \ud83d\ude0e",
            "trust": 0.1,
            "url": "https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame "
          },
          {
            "title": "CVE-Mitre\nDownload single CVE",
            "trust": 0.1,
            "url": "https://github.com/nu11secur1ty/CVE-mitre "
          },
          {
            "title": "CVE-Mitre\nDownload single CVE",
            "trust": 0.1,
            "url": "https://github.com/nu11secur1ty/CVE "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/soosmile/POC "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/developer3000S/PoC-in-GitHub "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/hectorgie/PoC-in-GitHub "
          },
          {
            "title": "PoC in GitHub",
            "trust": 0.1,
            "url": "https://github.com/0xT11/CVE-POC "
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2020/02/07/android_bluetooth_flaw/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-682",
            "trust": 1.0
          },
          {
            "problemtype": "calculation error (CWE-682) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://source.android.com/security/bulletin/2020-02-01"
          },
          {
            "trust": 2.3,
            "url": "http://packetstormsecurity.com/files/156891/android-bluetooth-remote-denial-of-service.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en"
          },
          {
            "trust": 1.7,
            "url": "http://seclists.org/fulldisclosure/2020/feb/10"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-0022"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-february-2020-31507"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/45798"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200513-03-smartphone-cn"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/49115"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/682.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/marcinguy/cve-2020-0022"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "date": "2020-03-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "date": "2020-02-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "date": "2020-02-13T15:15:11.780000",
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-02-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-0022"
          },
          {
            "date": "2024-02-27T07:11:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          },
          {
            "date": "2020-09-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          },
          {
            "date": "2024-11-21T04:52:45.763000",
            "db": "NVD",
            "id": "CVE-2020-0022"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Android\u00a0 calculation error vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001993"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-366"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202005-0618

    Vulnerability from variot - Updated: 2024-11-23 22:44

    HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system does not properly restrict certain operation in ADB mode, successful exploit could allow certain user break the limit of digital balance function. Huawei Mate 20 is a smart phone of the Chinese company Huawei. Attackers can use this vulnerability to break through the restrictions on the healthy use of mobile phone functions

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202005-0618",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.185\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.185(c00e74r3p8)"
          },
          {
            "model": "mate \u003c10.0.0.185",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1797"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          }
        ]
      },
      "cve": "CVE-2020-1797",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1797",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-005917",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-31280",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1797",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.4,
                "baseSeverity": "Low",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-005917",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1797",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-005917",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31280",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202005-1350",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1350"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1797"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system does not properly restrict certain operation in ADB mode, successful exploit could allow certain user break the limit of digital balance function. Huawei Mate 20 is a smart phone of the Chinese company Huawei. Attackers can use this vulnerability to break through the restrictions on the healthy use of mobile phone functions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1797"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1797",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31280",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1350",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1350"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1797"
          }
        ]
      },
      "id": "VAR-202005-0618",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          }
        ],
        "trust": 1.26765326
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:35.029000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200527-03-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-03-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 authorization issue vulnerability (CNVD-2020-31280)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/220047"
          },
          {
            "title": "Huawei Mate 20 Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=119907"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1350"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-863",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1797"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1797"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-03-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1797"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200527-03-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1350"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1797"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1350"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1797"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          },
          {
            "date": "2020-06-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          },
          {
            "date": "2020-05-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202005-1350"
          },
          {
            "date": "2020-05-29T20:15:11.107000",
            "db": "NVD",
            "id": "CVE-2020-1797"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31280"
          },
          {
            "date": "2020-06-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202005-1350"
          },
          {
            "date": "2024-11-21T05:11:23.963000",
            "db": "NVD",
            "id": "CVE-2020-1797"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 Unauthorized authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005917"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1350"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202008-1055

    Vulnerability from variot - Updated: 2024-11-23 22:44

    HUAWEI Mate 20 smartphones with 9.0.0.205(C00E205R2P1) have a logic error vulnerability. In a special scenario, the system does not properly process. As a result, attackers can perform a series of operations to successfully establish P2P connections that are rejected by the peer end. As a result, the availability of the device is affected. HUAWEI Mate 20 There are unspecified vulnerabilities in smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Mate 20 is a smartphone of China's Huawei (Huawei) company. An attacker can use this vulnerability to achieve a successful connection when the object refuses the P2P connection

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1055",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.0.0.205\\(c00e205r2p1\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.0.0.205(c00e205r2p1)"
          },
          {
            "model": "mate 9.0.0.205",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9103"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          }
        ]
      },
      "cve": "CVE-2020-9103",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9103",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-009599",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-52406",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9103",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 4.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-009599",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9103",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-009599",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-52406",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9103"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 smartphones with 9.0.0.205(C00E205R2P1) have a logic error vulnerability. In a special scenario, the system does not properly process. As a result, attackers can perform a series of operations to successfully establish P2P connections that are rejected by the peer end. As a result, the availability of the device is affected. HUAWEI Mate 20 There are unspecified vulnerabilities in smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Mate 20 is a smartphone of China\u0027s Huawei (Huawei) company. An attacker can use this vulnerability to achieve a successful connection when the object refuses the P2P connection",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9103"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9103",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009599",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-52406",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-855",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-855"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9103"
          }
        ]
      },
      "id": "VAR-202008-1055",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          }
        ],
        "trust": 1.26765326
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:27.337000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200812-01-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-smartphone-en"
          },
          {
            "title": "Patch for HUAWEI Mate 20 logic error vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/231265"
          },
          {
            "title": "Huawei Mate 20 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126542"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-855"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9103"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9103"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9103"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-855"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9103"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-855"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9103"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          },
          {
            "date": "2020-11-20T06:26:56",
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          },
          {
            "date": "2020-08-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-855"
          },
          {
            "date": "2020-08-17T15:15:15.340000",
            "db": "NVD",
            "id": "CVE-2020-9103"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-09-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-52406"
          },
          {
            "date": "2020-11-20T06:26:56",
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          },
          {
            "date": "2020-08-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202008-855"
          },
          {
            "date": "2024-11-21T05:40:02.467000",
            "db": "NVD",
            "id": "CVE-2020-9103"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 Vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009599"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202008-855"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202010-1177

    Vulnerability from variot - Updated: 2024-11-23 22:44

    HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution. HUAWEI Mate 20 Contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HUAWEI Mate 20 is a smart phone launched by Huawei. The vulnerability stems from insufficient input validation. An attacker can use this vulnerability to implement code execution through a specially crafted Bluetooth message after successful pairing

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202010-1177",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "mate 20  firmware  10.0.0.188(c00e74r3p8)  less than"
          },
          {
            "model": "mate \u003c10.0.0.188",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9113"
          }
        ]
      },
      "cve": "CVE-2020-9113",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "CVE-2020-9113",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2020-57586",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.0,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.1,
                "id": "CVE-2020-9113",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.0,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9113",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9113",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9113",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-57586",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202010-640",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-9113",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-640"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9113"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution. HUAWEI Mate 20 Contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HUAWEI Mate 20 is a smart phone launched by Huawei. The vulnerability stems from insufficient input validation. An attacker can use this vulnerability to implement code execution through a specially crafted Bluetooth message after successful pairing",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9113"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9113",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012481",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-57586",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "50559",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-640",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9113",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-640"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9113"
          }
        ]
      },
      "id": "VAR-202010-1177",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          }
        ],
        "trust": 1.26765326
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:24.814000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20201014-01-bluetooth",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-bluetooth-en"
          },
          {
            "title": "Patch for HUAWEI Mate 20 buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/236905"
          },
          {
            "title": "Huawei Mate 20 Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131282"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-640"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9113"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9113"
          },
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-bluetooth-en"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/50559"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20201014-01-bluetooth-cn"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189827"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-640"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9113"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-640"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9113"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          },
          {
            "date": "2020-10-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9113"
          },
          {
            "date": "2021-05-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          },
          {
            "date": "2020-10-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-640"
          },
          {
            "date": "2020-10-19T20:15:13.260000",
            "db": "NVD",
            "id": "CVE-2020-9113"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-57586"
          },
          {
            "date": "2020-10-22T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9113"
          },
          {
            "date": "2021-05-10T07:32:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          },
          {
            "date": "2020-11-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-640"
          },
          {
            "date": "2024-11-21T05:40:04.010000",
            "db": "NVD",
            "id": "CVE-2020-9113"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-640"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI\u00a0Mate\u00a020\u00a0 Buffer Overflow Vulnerability in Linux",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012481"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-640"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-0258

    Vulnerability from variot - Updated: 2024-11-23 22:41

    Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third desktop after a series of operation. The vulnerability stems from the system's improper restrictions on some operations of users in ADB mode. An attacker could use this vulnerability to switch to a third-party desktop

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0258",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20 rs",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.135\\(c786e133r3p1\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.135(c786e133r3p1)"
          },
          {
            "model": "mate rs \u003c9.1.0.135",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5308"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vulnerability was discovered by Huawei internal testing.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1460"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5308",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-5308",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2019-44560",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-5308",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.4,
                "baseSeverity": "Low",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2019-5308",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5308",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5308",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-44560",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201911-1460",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-5308",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1460"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5308"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third desktop after a series of operation. The vulnerability stems from the system\u0027s improper restrictions on some operations of users in ADB mode. An attacker could use this vulnerability to switch to a third-party desktop",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5308"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5308",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44560",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1460",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5308",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1460"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5308"
          }
        ]
      },
      "id": "VAR-201911-0258",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          }
        ],
        "trust": 1.3624999999999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:41:18.425000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20191127-01-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191127-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 RS improper authorization vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/193523"
          },
          {
            "title": "Huawei Mate 20 RS Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103729"
          },
          {
            "title": "Huawei Security Advisories: Security Advisory - Improper Authorization Vulnerability in Several Smartphones",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=705b2901adfc0c7fd70974844b866423"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1460"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-863",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5308"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191127-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5308"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20191127-01-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5308"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1460"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5308"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1460"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5308"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          },
          {
            "date": "2019-11-29T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5308"
          },
          {
            "date": "2019-12-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          },
          {
            "date": "2019-11-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201911-1460"
          },
          {
            "date": "2019-11-29T21:15:11.480000",
            "db": "NVD",
            "id": "CVE-2019-5308"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-44560"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5308"
          },
          {
            "date": "2019-12-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201911-1460"
          },
          {
            "date": "2024-11-21T04:44:43.340000",
            "db": "NVD",
            "id": "CVE-2019-5308"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mate 20 RS Unauthorized authentication vulnerability in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012686"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201911-1460"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0619

    Vulnerability from variot - Updated: 2024-11-23 22:41

    There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China's Huawei.

    A denial of service vulnerability exists in versions before Huawei Honor10 Lite Harry-AL00C 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0619",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c461e2r2p1\\)"
          },
          {
            "model": "sydneym-l03",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.217\\(c605e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.259\\(c185e1r1p2t8\\)"
          },
          {
            "model": "nova lite 3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.305\\(c635e8r2p2\\)"
          },
          {
            "model": "alp-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.321\\(c636e4r1p14t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e8r1p11t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.351\\(c432e5r1p13t8\\)"
          },
          {
            "model": "alp-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.300\\(c432e4r1p9t8\\)"
          },
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c636e2r2p1\\)"
          },
          {
            "model": "p20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c185e1r1p9t8\\)"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e10r1p12t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c636e2r1p12t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c461e3r1p11t8\\)"
          },
          {
            "model": "jackman-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.247\\(c636e2r4p1t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c636e7r1p13t8\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.221\\(c461e1r1p1t8\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c636e3r2p1\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.330\\(c432e6r1p12t8\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.131\\(c00e131r3p1\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.351\\(c432e5r1p13t8\\)"
          },
          {
            "model": "cornell-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "sydneym-al00",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.228\\(c00e78r1p7t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e3r1p14t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c185e3r1p12t8\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c432e3r1p12\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c185e4r1p11t8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c185e10r2p1\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c782e2r1p1t8\\)"
          },
          {
            "model": "honor view 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.238\\(c432e1r3p1\\)"
          },
          {
            "model": "paris-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c636e1r1p3t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c432e7r1p11t8\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.186\\(c00e180r2p1\\)"
          },
          {
            "model": "sydneym-l23",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.226\\(c605e2r1p1t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c605e2r1p12t8\\)"
          },
          {
            "model": "paris-l21b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c432e1r1p2t8\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.302\\(c635e4r1p13t8\\)"
          },
          {
            "model": "paris-l21meb",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c185e4r1p3t8\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.135\\(c00e133r2p1\\)"
          },
          {
            "model": "honor 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.152\\(c00e150r5p1\\)"
          },
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c432e2r3p2\\)"
          },
          {
            "model": "sydney-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.258\\(c636e1r1p1t8\\)"
          },
          {
            "model": "sydney-l22br",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.258\\(c636e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c432e4r1p1t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.330\\(c461e1r1p9t8\\)"
          },
          {
            "model": "columbia-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.336\\(c605e3r1p12t8\\)"
          },
          {
            "model": "y9 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.220\\(c605e3r1p1t8\\)"
          },
          {
            "model": "sydney-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p1t8\\)"
          },
          {
            "model": "alp-l29",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.315\\(c636e5r1p13t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.335\\(c636e3r1p13t8\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.270\\(c432e3r1p1t8\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.193"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c432e1r1p9t8\\)"
          },
          {
            "model": "honor 8x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.221\\(c461e2r1p1t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.220\\(c635e1r1p2t8\\)"
          },
          {
            "model": "berkeley-al20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c636e4r1p13t8\\)"
          },
          {
            "model": "honor v20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.234\\(c00e234r4p3\\)"
          },
          {
            "model": "sydney-l21br",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p2t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.216\\(c569e1r1p1t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e5r1p14t8\\)"
          },
          {
            "model": "mate 20 rs",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.135\\(c786e133r3p1\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e3r3p1\\)"
          },
          {
            "model": "sydney-al00",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.212\\(c00e62r1p7t8\\)"
          },
          {
            "model": "charlotte-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e4r1p11t8\\)"
          },
          {
            "model": "p20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "sydney-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c432e1r1p1t8\\)"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e2r1p12t8\\)"
          },
          {
            "model": "charlotte-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e8r1p11t8\\)"
          },
          {
            "model": "honor magic2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.187"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.336\\(c605e4r1p12t8\\)"
          },
          {
            "model": "honor 10 lite",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.283\\(c605e8r2p2\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "huawei",
            "version": "9.1.0.350(c10e3r1p14t8)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "huawei",
            "version": "9.1.0.350(c636e4r1p13t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "huawei",
            "version": "9.1.0.302(c635e4r1p13t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "huawei",
            "version": "9.1.0.321(c636e4r1p14t8)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.333(c00e333r2p1t8)"
          },
          {
            "model": "alp-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.300(c432e4r1p9t8)"
          },
          {
            "model": "alp-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.315(c636e5r1p13t8)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.333(c00e333r2p1t8)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.351(c432e5r1p13t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.330(c432e6r1p12t8)"
          },
          {
            "model": "honor10 lite \u003charry-al00c 9.1.0.217",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "y9 \u003cjackman-l23 9.1.0.220",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.1.18d(c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.106(c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.113(sp2c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.113(sp3c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.113(sp7c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.118(c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.120(sp2c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.125(sp1c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.125(sp3c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.126(sp2c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.126(sp5c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.127(sp1c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.128(sp2c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.129"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.129(sp2c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.153(c00)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.336(c00)"
          },
          {
            "model": "alp-l09",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.105(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.111(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.112d(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.116(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.119(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.119d(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.122(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.132(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.132d(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.142(c00)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.151(c00)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.127(c432)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.0.0.137(c432)"
          },
          {
            "model": "charlotte-l09c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c185e4r1p11t8)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.325(c185e4r1p11t8)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.335(c636e3r1p13t8)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.336(c605e3r1p12t8)"
          },
          {
            "model": "columbia-al10b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.163(c00)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.146(c461)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.148(c185)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.151(c10)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.151(c432)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.350(c10e5r1p14t8)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.350(c185e3r1p12t8)"
          },
          {
            "model": "columbia-l29d",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.350(c461e3r1p11t8)"
          },
          {
            "model": "cornell-l29a",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.328(c185e1r1p9t8)"
          },
          {
            "model": "cornell-l29a",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.328(c432e1r1p9t8)"
          },
          {
            "model": "cornell-l29a",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.328(c636e2r1p12t8)"
          },
          {
            "model": "emily-l09c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emily-l09c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c185e2r1p12t8)"
          },
          {
            "model": "emily-l09c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.336(c605e4r1p12t8)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.132a(c432)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.135(c782)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.154(c10)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.154(c461)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.154(c635)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.156(c185)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.156(c605)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.159(c636)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c10e2r1p13t8)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c185e2r1p12t8)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c432e7r1p11t8)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c461e2r1p11t8)"
          },
          {
            "model": "emily-l29c",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.311(c605e2r1p12t8)"
          },
          {
            "model": "ever-l29b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.0.0.206(c185e3r3p1)"
          },
          {
            "model": "ever-l29b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.0.0.207(c636e3r2p1)"
          },
          {
            "model": "ever-l29b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.0.0.208(c432e3r1p12)"
          },
          {
            "model": "ever-l29b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.310(c432e3r1p12)"
          },
          {
            "model": "ever-l29b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.310(c636e3r2p1)"
          },
          {
            "model": "honor 10 lite",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 10 lite",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.217(c00e215r3p1)"
          },
          {
            "model": "honor 8x",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 8x",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.217(c00e15r3p2t8)"
          },
          {
            "model": "honor magic2",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor magic2",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "10.0.0.175(c00e59r2p11)"
          },
          {
            "model": "honor v20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor v20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.0.1.161(c00e161r2p2)"
          },
          {
            "model": "jackman-l22",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.2.0.156(c636r2p2)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 pro",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 pro",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.135(c00e133r3p1)"
          },
          {
            "model": "mate 20 rs",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.109"
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.120"
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.121"
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.128"
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.130"
          },
          {
            "model": "p20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.1.0.171(c00)"
          },
          {
            "model": "p20 pro",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "sydney-l21",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.213(c185e1r1p1t8)"
          },
          {
            "model": "sydneym-l01",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.213(c185e1r1p1t8)"
          },
          {
            "model": "sydneym-l01",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.215(c782e2r1p1t8)"
          },
          {
            "model": "sydneym-l21",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.215(c432e4r1p1t8)"
          },
          {
            "model": "sydneym-l22",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.216(c569e1r1p1t8)"
          },
          {
            "model": "sydneym-l22",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.220(c635e1r1p2t8)"
          },
          {
            "model": "y9 2019",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "y9 2019",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.2.0.160(c185r2p2)"
          },
          {
            "model": "y9 2019",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.2.0.162(c605)"
          },
          {
            "model": "y9 2019",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "8.2.0.163(c605)"
          },
          {
            "model": "yale-l21a",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.154(c432e2r3p2)"
          },
          {
            "model": "yale-l21a",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.154(c461e2r2p1)"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:alp-al00b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:alp-l09_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:berkeley-al20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:berkeley-l09_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:bla-l29c_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "These two vulnerabilities were discovered by Huawei internal testing.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5303",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2019-5303",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 2.9,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015526",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.6,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.2,
                "id": "CNVD-2019-44785",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "id": "CVE-2019-5303",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015526",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5303",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015526",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-44785",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-1092",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-5303",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China\u0027s Huawei. \n\nA denial of service vulnerability exists in versions before Huawei Honor10 Lite Harry-AL00C 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5303",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "id": "VAR-202004-0619",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          }
        ],
        "trust": 1.1828954514285712
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:41:07.750000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190814-01-mobile",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
          },
          {
            "title": "Patch for Huawei Honor10 Lite and Huawei Y9 Denial of Service Vulnerability (CNVD-2019-44785)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/193773"
          },
          {
            "title": "Huawei Honor10 Lite  and Huawei Y9 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96758"
          },
          {
            "title": "Huawei Security Advisories: Two Denial of Service Vulnerabilities on Some Huawei Smartphones",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=88453f1b990572fac17211a1a9b849ea"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5303"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190814-01-mobile-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5303"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165364"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "date": "2020-04-27T20:15:12.397000",
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-12-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-44785"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5303"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          },
          {
            "date": "2020-09-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          },
          {
            "date": "2024-11-21T04:44:42.557000",
            "db": "NVD",
            "id": "CVE-2019-5303"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Input verification vulnerabilities on smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015526"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1092"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202001-1007

    Vulnerability from variot - Updated: 2024-11-23 22:33

    HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to exploit this vulnerability. Successful exploitation may cause information leak and compromise the availability of the smart phones.Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.0.0.175(C00E70R3P8). HUAWEI Mate 20 Smartphones have an authentication vulnerability.Information obtained and denial of service (DoS) May be in a state. Huawei Mate 20 is a smartphone from China's Huawei. Local attackers can use this vulnerability to leak information and affect the usability of the phone

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202001-1007",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 2.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.175\\(c00e70r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "mate 20  firmware  10.0.0.175(c00e70r3p8)"
          },
          {
            "model": "mate \u003c10.0.0.175",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "10.0.0.175c00e70r3p8"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.139c00e133r3p1"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1840"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vulnerability was discovered by Huawei internal testing.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-1840",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 3.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1840",
                "impactScore": 4.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-02969",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.0,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2020-1840",
                "impactScore": 5.2,
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.0,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-1840",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1840",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-1840",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-02969",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202001-779",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1840"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to exploit this vulnerability. Successful exploitation may cause information leak and compromise the availability of the smart phones.Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.0.0.175(C00E70R3P8). HUAWEI Mate 20 Smartphones have an authentication vulnerability.Information obtained and denial of service (DoS) May be in a state. Huawei Mate 20 is a smartphone from China\u0027s Huawei. Local attackers can use this vulnerability to leak information and affect the usability of the phone",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1840"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1840",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001478",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-02969",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-779",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1840"
          }
        ]
      },
      "id": "VAR-202001-1007",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          }
        ],
        "trust": 1.26765326
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:33:36.795000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200115-01-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-smartphone-en"
          },
          {
            "title": "Patch for Unknown vulnerability in Huawei Mate 20",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/197403"
          },
          {
            "title": "Huawei Mate 20 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=107107"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.0
          },
          {
            "problemtype": "Incorrect authentication (CWE-287) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1840"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1840"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200115-01-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1840"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1840"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          },
          {
            "date": "2020-02-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          },
          {
            "date": "2020-01-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          },
          {
            "date": "2020-01-21T19:15:14.020000",
            "db": "NVD",
            "id": "CVE-2020-1840"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-02969"
          },
          {
            "date": "2020-02-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          },
          {
            "date": "2020-01-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          },
          {
            "date": "2024-11-21T05:11:28.303000",
            "db": "NVD",
            "id": "CVE-2020-1840"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI\u00a0Mate\u00a020\u00a0 Authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001478"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-779"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0961

    Vulnerability from variot - Updated: 2024-11-23 22:33

    HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper authorization vulnerability. The software does not properly restrict certain user's modification of certain configuration file, successful exploit could allow the attacker to bypass app lock after a series of operation in ADB mode. Huawei Mate 20 is a smart phone of the Chinese company Huawei.

    Before Huawei Mate 20 10.0.0.188 (C00E74R3P8), there was an access control error vulnerability. The vulnerability stems from the system’s failure to properly restrict the modification of configuration files by specific users. An attacker can exploit a series of operations in ADB debugging mode. The vulnerability caused the application lock to be bypassed

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0961",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.188(c00e74r3p8)"
          },
          {
            "model": "mate \u003c10.0.0.188",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.131(c00e131r3p1)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "9.1.0.139(c00e133r3p1)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "10.0.0.175(c00e70r3p8)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "huawei",
            "version": "10.0.0.185(c00e74r3p8)"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1807"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          }
        ]
      },
      "cve": "CVE-2020-1807",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1807",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-004654",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-27122",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1807",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "baseSeverity": "Low",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-004654",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1807",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-004654",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-27122",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1954",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-1807",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1954"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1807"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper authorization vulnerability. The software does not properly restrict certain user\u0027s modification of certain configuration file, successful exploit could allow the attacker to bypass app lock after a series of operation in ADB mode. Huawei Mate 20 is a smart phone of the Chinese company Huawei. \n\r\n\r\nBefore Huawei Mate 20 10.0.0.188 (C00E74R3P8), there was an access control error vulnerability. The vulnerability stems from the system\u2019s failure to properly restrict the modification of configuration files by specific users. An attacker can exploit a series of operations in ADB debugging mode. The vulnerability caused the application lock to be bypassed",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1807"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1807",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-27122",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1954",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1807",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1954"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1807"
          }
        ]
      },
      "id": "VAR-202004-0961",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          }
        ],
        "trust": 1.26765326
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:33:28.945000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200422-01-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 access control error vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/216753"
          },
          {
            "title": "Huawei Mate 20 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116723"
          },
          {
            "title": "Huawei Security Advisories: Security Advisory - Improper Authorization Vulnerability in Several Smartphones",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=daf6c3e6182f254486d0180254736189"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1954"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-863",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1807"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1807"
          },
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1807"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200422-01-smartphone-cn"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/863.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/180312"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1954"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1807"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-1807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1954"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1807"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-1807"
          },
          {
            "date": "2020-05-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1954"
          },
          {
            "date": "2020-04-27T15:15:13.080000",
            "db": "NVD",
            "id": "CVE-2020-1807"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-27122"
          },
          {
            "date": "2020-04-30T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-1807"
          },
          {
            "date": "2020-05-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1954"
          },
          {
            "date": "2024-11-21T05:11:25.090000",
            "db": "NVD",
            "id": "CVE-2020-1807"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 Unauthorized authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-004654"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1954"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1394

    Vulnerability from variot - Updated: 2024-11-23 22:29

    There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B. plural Huawei The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1394",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "yale-tl00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c01e160r8p12\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.273\\(c636e7r2p4\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.126\\(c10e7r5p1\\)"
          },
          {
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.231\\(c10e3r3p2\\)"
          },
          {
            "model": "yale-l61a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.226\\(c10e3r1p1\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.270\\(c635e3r1p5\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.126\\(c636e7r3p4\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.273\\(c185e7r2p4\\)"
          },
          {
            "model": "yalep-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r8p12\\)"
          },
          {
            "model": "princeton-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.270\\(c432e7r1p5\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.126\\(c636e5r3p4\\)"
          },
          {
            "model": "hima-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.275\\(c10e4r2p4\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.126\\(c605e19r1p3\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r3p8\\)"
          },
          {
            "model": "laya-al00ep",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c786e160r3p8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.277\\(c10e7r2p4\\)"
          },
          {
            "model": "p30",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.272\\(c635e4r2p2\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "honor 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.230\\(c432e9r5p1\\)"
          },
          {
            "model": "tony-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p11\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.277\\(c605e7r1p5\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.123\\(c432e22r2p5\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.126\\(c185e4r7p1\\)"
          },
          {
            "model": "hima-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.273\\(c185e5r2p4\\)"
          },
          {
            "model": "yale-l61a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.225\\(c432e3r1p2\\)"
          },
          {
            "model": "hima-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.273\\(c636e5r2p4\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.160\\(c00e160r2p8\\)"
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "tony-al00b",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "princeton-al10b",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "honor 20 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "laya-al00ep",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "hima-l29c",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20 x",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "cve": "CVE-2020-9247",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-9247",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-9247",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9247",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9247",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9247",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-1901",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B. plural Huawei The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9247",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "id": "VAR-202012-1394",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.49300468750000004
      },
      "last_update_date": "2024-11-23T22:29:21.018000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200729-03-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
          },
          {
            "title": "Repair measures for Huawei buffer error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=129041"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9247"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200729-03-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "date": "2020-07-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "date": "2020-12-07T13:15:11.123000",
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-03T04:39:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          },
          {
            "date": "2021-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          },
          {
            "date": "2024-11-21T05:40:15.980000",
            "db": "NVD",
            "id": "CVE-2020-9247"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014149"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-1901"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0618

    Vulnerability from variot - Updated: 2024-11-23 22:21

    There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China's Huawei.

    A denial of service vulnerability exists in Huawei Honor10 Lite Harry-AL00C versions earlier than 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8). The vulnerability stems from the fact that the two fields are not duplicated when parsing

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0618",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c461e2r2p1\\)"
          },
          {
            "model": "sydneym-l03",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.217\\(c605e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.259\\(c185e1r1p2t8\\)"
          },
          {
            "model": "nova lite 3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.305\\(c635e8r2p2\\)"
          },
          {
            "model": "alp-al00b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.321\\(c636e4r1p14t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e8r1p11t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.351\\(c432e5r1p13t8\\)"
          },
          {
            "model": "alp-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.300\\(c432e4r1p9t8\\)"
          },
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c636e2r2p1\\)"
          },
          {
            "model": "p20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c185e1r1p9t8\\)"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e10r1p12t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c636e2r1p12t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c461e3r1p11t8\\)"
          },
          {
            "model": "jackman-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.247\\(c636e2r4p1t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c636e7r1p13t8\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.221\\(c461e1r1p1t8\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c636e3r2p1\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.330\\(c432e6r1p12t8\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.131\\(c00e131r3p1\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.351\\(c432e5r1p13t8\\)"
          },
          {
            "model": "cornell-al00a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "sydneym-al00",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.228\\(c00e78r1p7t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e3r1p14t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c185e3r1p12t8\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c432e3r1p12\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.325\\(c185e4r1p11t8\\)"
          },
          {
            "model": "mate 20 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.310\\(c185e10r2p1\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c782e2r1p1t8\\)"
          },
          {
            "model": "honor view 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.238\\(c432e1r3p1\\)"
          },
          {
            "model": "paris-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c636e1r1p3t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c432e7r1p11t8\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.186\\(c00e180r2p1\\)"
          },
          {
            "model": "sydneym-l23",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.226\\(c605e2r1p1t8\\)"
          },
          {
            "model": "emily-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c605e2r1p12t8\\)"
          },
          {
            "model": "paris-l21b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c432e1r1p2t8\\)"
          },
          {
            "model": "bla-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.302\\(c635e4r1p13t8\\)"
          },
          {
            "model": "paris-l21meb",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.331\\(c185e4r1p3t8\\)"
          },
          {
            "model": "mate 20 x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.135\\(c00e133r2p1\\)"
          },
          {
            "model": "honor 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.152\\(c00e150r5p1\\)"
          },
          {
            "model": "yale-l21a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.154\\(c432e2r3p2\\)"
          },
          {
            "model": "sydney-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.258\\(c636e1r1p1t8\\)"
          },
          {
            "model": "sydney-l22br",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.258\\(c636e1r1p1t8\\)"
          },
          {
            "model": "sydneym-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c432e4r1p1t8\\)"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.330\\(c461e1r1p9t8\\)"
          },
          {
            "model": "columbia-al10b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.336\\(c605e3r1p12t8\\)"
          },
          {
            "model": "y9 2019",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.220\\(c605e3r1p1t8\\)"
          },
          {
            "model": "sydney-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p1t8\\)"
          },
          {
            "model": "alp-l29",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.315\\(c636e5r1p13t8\\)"
          },
          {
            "model": "charlotte-l29c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.335\\(c636e3r1p13t8\\)"
          },
          {
            "model": "sydneym-l01",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.270\\(c432e3r1p1t8\\)"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.193"
          },
          {
            "model": "cornell-l29a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.328\\(c432e1r1p9t8\\)"
          },
          {
            "model": "honor 8x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.221\\(c461e2r1p1t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.220\\(c635e1r1p2t8\\)"
          },
          {
            "model": "berkeley-al20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r2p1t8\\)"
          },
          {
            "model": "berkeley-l09",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c636e4r1p13t8\\)"
          },
          {
            "model": "honor v20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.234\\(c00e234r4p3\\)"
          },
          {
            "model": "sydney-l21br",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.213\\(c185e1r1p2t8\\)"
          },
          {
            "model": "sydneym-l22",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.216\\(c569e1r1p1t8\\)"
          },
          {
            "model": "columbia-l29d",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.350\\(c10e5r1p14t8\\)"
          },
          {
            "model": "mate 20 rs",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.135\\(c786e133r3p1\\)"
          },
          {
            "model": "ever-l29b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e3r3p1\\)"
          },
          {
            "model": "sydney-al00",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.212\\(c00e62r1p7t8\\)"
          },
          {
            "model": "charlotte-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e4r1p11t8\\)"
          },
          {
            "model": "p20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.333\\(c00e333r1p1t8\\)"
          },
          {
            "model": "sydney-l21",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.215\\(c432e1r1p1t8\\)"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.311\\(c185e2r1p12t8\\)"
          },
          {
            "model": "charlotte-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.345\\(c432e8r1p11t8\\)"
          },
          {
            "model": "honor magic2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.187"
          },
          {
            "model": "emily-l09c",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.336\\(c605e4r1p12t8\\)"
          },
          {
            "model": "honor 10 lite",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.283\\(c605e8r2p2\\)"
          },
          {
            "model": "alp-al00b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.333(c00e333r2p1t8)"
          },
          {
            "model": "alp-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.300(c432e4r1p9t8)"
          },
          {
            "model": "alp-l29",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.315(c636e5r1p13t8)"
          },
          {
            "model": "berkeley-al20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.333(c00e333r2p1t8)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.350(c10e3r1p14t8)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.350(c636e4r1p13t8)"
          },
          {
            "model": "berkeley-l09",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.351(c432e5r1p13t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.302(c635e4r1p13t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.321(c636e4r1p14t8)"
          },
          {
            "model": "bla-l29c",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "9.1.0.330(c432e6r1p12t8)"
          },
          {
            "model": "honor10 lite \u003charry-al00c 9.1.0.217",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "y9 \u003cjackman-l23 9.1.0.220",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:alp-al00b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:alp-l09_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:alp-l29_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:berkeley-al20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:berkeley-l09_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:bla-l29c_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "These two vulnerabilities were discovered by Huawei internal testing.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5302",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2019-5302",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 2.9,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015525",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2019-33609",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.6,
                "id": "CVE-2019-5302",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015525",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5302",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015525",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33609",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-1095",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-5302",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. Affected products are: ALP-AL00B: earlier than 9.1.0.333(C00E333R2P1T8) ALP-L09: earlier than 9.1.0.300(C432E4R1P9T8) ALP-L29: earlier than 9.1.0.315(C636E5R1P13T8) BLA-L29C: earlier than 9.1.0.321(C636E4R1P14T8), earlier than 9.1.0.330(C432E6R1P12T8), earlier than 9.1.0.302(C635E4R1P13T8) Berkeley-AL20: earlier than 9.1.0.333(C00E333R2P1T8) Berkeley-L09: earlier than 9.1.0.350(C10E3R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8), earlier than 9.1.0.350(C636E4R1P13T8) Charlotte-L09C: earlier than 9.1.0.311(C185E4R1P11T8), earlier than 9.1.0.345(C432E8R1P11T8) Charlotte-L29C: earlier than 9.1.0.325(C185E4R1P11T8), earlier than 9.1.0.335(C636E3R1P13T8), earlier than 9.1.0.345(C432E8R1P11T8), earlier than 9.1.0.336(C605E3R1P12T8) Columbia-AL10B: earlier than 9.1.0.333(C00E333R1P1T8) Columbia-L29D: earlier than 9.1.0.350(C461E3R1P11T8), earlier than 9.1.0.350(C185E3R1P12T8), earlier than 9.1.0.350(C10E5R1P14T8), earlier than 9.1.0.351(C432E5R1P13T8) Cornell-AL00A: earlier than 9.1.0.333(C00E333R1P1T8) Cornell-L29A: earlier than 9.1.0.328(C185E1R1P9T8), earlier than 9.1.0.328(C432E1R1P9T8), earlier than 9.1.0.330(C461E1R1P9T8), earlier than 9.1.0.328(C636E2R1P12T8) Emily-L09C: earlier than 9.1.0.336(C605E4R1P12T8), earlier than 9.1.0.311(C185E2R1P12T8), earlier than 9.1.0.345(C432E10R1P12T8) Emily-L29C: earlier than 9.1.0.311(C605E2R1P12T8), earlier than 9.1.0.311(C636E7R1P13T8), earlier than 9.1.0.311(C432E7R1P11T8) Ever-L29B: earlier than 9.1.0.311(C185E3R3P1), earlier than 9.1.0.310(C636E3R2P1), earlier than 9.1.0.310(C432E3R1P12) HUAWEI Mate 20: earlier than 9.1.0.131(C00E131R3P1) HUAWEI Mate 20 Pro: earlier than 9.1.0.310(C185E10R2P1) HUAWEI Mate 20 RS: earlier than 9.1.0.135(C786E133R3P1) HUAWEI Mate 20 X: earlier than 9.1.0.135(C00E133R2P1) HUAWEI P20: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P20 Pro: earlier than 9.1.0.333(C00E333R1P1T8) HUAWEI P30: earlier than 9.1.0.193 HUAWEI P30 Pro: earlier than 9.1.0.186(C00E180R2P1) HUAWEI Y9 2019: earlier than 9.1.0.220(C605E3R1P1T8) HUAWEI nova lite 3: earlier than 9.1.0.305(C635E8R2P2) Honor 10 Lite: earlier than 9.1.0.283(C605E8R2P2) Honor 8X: earlier than 9.1.0.221(C461E2R1P1T8) Honor View 20: earlier than 9.1.0.238(C432E1R3P1) Jackman-L22: earlier than 9.1.0.247(C636E2R4P1T8) Paris-L21B: earlier than 9.1.0.331(C432E1R1P2T8) Paris-L21MEB: earlier than 9.1.0.331(C185E4R1P3T8) Paris-L29B: earlier than 9.1.0.331(C636E1R1P3T8) Sydney-AL00: earlier than 9.1.0.212(C00E62R1P7T8) Sydney-L21: earlier than 9.1.0.215(C432E1R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8) Sydney-L21BR: earlier than 9.1.0.213(C185E1R1P2T8) Sydney-L22: earlier than 9.1.0.258(C636E1R1P1T8) Sydney-L22BR: earlier than 9.1.0.258(C636E1R1P1T8) SydneyM-AL00: earlier than 9.1.0.228(C00E78R1P7T8) SydneyM-L01: earlier than 9.1.0.215(C782E2R1P1T8), earlier than 9.1.0.213(C185E1R1P1T8), earlier than 9.1.0.270(C432E3R1P1T8) SydneyM-L03: earlier than 9.1.0.217(C605E1R1P1T8) SydneyM-L21: earlier than 9.1.0.221(C461E1R1P1T8), earlier than 9.1.0.215(C432E4R1P1T8) SydneyM-L22: earlier than 9.1.0.259(C185E1R1P2T8), earlier than 9.1.0.220(C635E1R1P2T8), earlier than 9.1.0.216(C569E1R1P1T8) SydneyM-L23: earlier than 9.1.0.226(C605E2R1P1T8) Yale-L21A: earlier than 9.1.0.154(C432E2R3P2), earlier than 9.1.0.154(C461E2R2P1), earlier than 9.1.0.154(C636E2R2P1) Honor 20: earlier than 9.1.0.152(C00E150R5P1) Honor Magic2: earlier than 10.0.0.187 Honor V20: earlier than 9.1.0.234(C00E234R4P3). plural Huawei There is a vulnerability related to input confirmation on smartphones.Service operation interruption (DoS) It may be put into a state. Huawei Honor10 Lite and Huawei Y9 are both smartphones from China\u0027s Huawei. \n\nA denial of service vulnerability exists in Huawei Honor10 Lite Harry-AL00C versions earlier than 9.1.0.217 (C00E215R3P1) and before Huawei Y9 Jackman-L23 9.1.0.220 (C45E3R1P1T8). The vulnerability stems from the fact that the two fields are not duplicated when parsing ",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5302",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "id": "VAR-202004-0618",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          }
        ],
        "trust": 1.1828954514285714
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:21:13.412000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190814-01-mobile",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
          },
          {
            "title": "Patch for Huawei Honor10 Lite and Huawei Y9 Denial of Service Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/182801"
          },
          {
            "title": "Huawei Honor10 Lite  and Huawei Y9 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96759"
          },
          {
            "title": "Huawei Security Advisories: Two Denial of Service Vulnerabilities on Some Huawei Smartphones",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=88453f1b990572fac17211a1a9b849ea"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5302"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190814-01-mobile-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5302"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "date": "2020-04-27T20:15:12.337000",
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33609"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-5302"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          },
          {
            "date": "2020-09-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          },
          {
            "date": "2024-11-21T04:44:42.343000",
            "db": "NVD",
            "id": "CVE-2019-5302"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Input verification vulnerabilities on smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015525"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-1095"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202002-0574

    Vulnerability from variot - Updated: 2024-11-23 22:16

    HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system has a logic judging error under certain scenario, successful exploit could allow the attacker to switch to third desktop after a series of operation in ADB mode. Huawei Mate 20 is a smartphone from China's Huawei

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0574",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.185\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.185(c00e74r3p8)"
          },
          {
            "model": "mate \u003c10.0.0.185",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "10.0.0.175c00e70r3p8"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "9.1.0.139c00e133r3p1"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-415"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1791"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          }
        ]
      },
      "cve": "CVE-2020-1791",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1791",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-002089",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-14858",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1791",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.4,
                "baseSeverity": "Low",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-002089",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1791",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-002089",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-14858",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202002-415",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-415"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1791"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system has a logic judging error under certain scenario, successful exploit could allow the attacker to switch to third desktop after a series of operation in ADB mode. Huawei Mate 20 is a smartphone from China\u0027s Huawei",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1791"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1791",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-14858",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-415",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-415"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1791"
          }
        ]
      },
      "id": "VAR-202002-0574",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          }
        ],
        "trust": 1.26765326
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:16:38.951000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200205-01-smartphone",
            "trust": 0.8,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200205-01-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 Licensing Issue Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/206273"
          },
          {
            "title": "Huawei Mate 20 Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110185"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-415"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-863",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1791"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200205-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1791"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1791"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200205-01-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-415"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1791"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-415"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1791"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          },
          {
            "date": "2020-03-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          },
          {
            "date": "2020-02-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-415"
          },
          {
            "date": "2020-02-18T03:15:11.060000",
            "db": "NVD",
            "id": "CVE-2020-1791"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-14858"
          },
          {
            "date": "2020-03-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          },
          {
            "date": "2020-02-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-415"
          },
          {
            "date": "2024-11-21T05:11:23.297000",
            "db": "NVD",
            "id": "CVE-2020-1791"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 Unauthorized authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002089"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-415"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202005-0668

    Vulnerability from variot - Updated: 2024-11-23 22:16

    HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance function after a series of operations with a PC. Huawei Mate 20 is a smart phone of the Chinese company Huawei. The vulnerability stems from the fact that the healthy use of mobile phone functions does not adequately limit the duration of user use. Attackers can use this vulnerability to break through the restrictions on the healthy use of mobile phone functions

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202005-0668",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.195\\(sp31c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.195(sp31c00e74r3p8)"
          },
          {
            "model": "mate \u003c10.0.0.195",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1831"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          }
        ]
      },
      "cve": "CVE-2020-1831",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 1.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.4,
                "id": "CVE-2020-1831",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 1.9,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-005965",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 1.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.4,
                "id": "CNVD-2020-31279",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1831",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.4,
                "baseSeverity": "Low",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-005965",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1831",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-005965",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31279",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202005-1352",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1352"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1831"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance function after a series of operations with a PC. Huawei Mate 20 is a smart phone of the Chinese company Huawei. The vulnerability stems from the fact that the healthy use of mobile phone functions does not adequately limit the duration of user use. Attackers can use this vulnerability to break through the restrictions on the healthy use of mobile phone functions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1831"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1831",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31279",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1352",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1352"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1831"
          }
        ]
      },
      "id": "VAR-202005-0668",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          }
        ],
        "trust": 1.26765326
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:16:28.521000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200527-04-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-04-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 authorization issue vulnerability (CNVD-2020-31279)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/220025"
          },
          {
            "title": "Huawei Mate 20 Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=119908"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1352"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-863",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1831"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1831"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-04-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1831"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200527-04-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1352"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1831"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1352"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1831"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          },
          {
            "date": "2020-06-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          },
          {
            "date": "2020-05-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202005-1352"
          },
          {
            "date": "2020-05-29T21:15:10.023000",
            "db": "NVD",
            "id": "CVE-2020-1831"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31279"
          },
          {
            "date": "2020-06-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202005-1352"
          },
          {
            "date": "2024-11-21T05:11:27.207000",
            "db": "NVD",
            "id": "CVE-2020-1831"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 Unauthorized authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-005965"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-1352"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1093

    Vulnerability from variot - Updated: 2024-11-23 22:11

    There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. Attackers can use this vulnerability to obtain data on locked applications

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1093",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.188(c00e74r3p8)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.203(c00e202r7p2)"
          },
          {
            "model": "mate \u003c10.0.0.188",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate pro \u003c10.0.0.203",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          }
        ]
      },
      "cve": "CVE-2020-1794",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1794",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003140",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-21998",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1794",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003140",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1794",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-003140",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-21998",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-1139",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. Attackers can use this vulnerability to obtain data on locked applications",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1794",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "id": "VAR-202003-1093",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          }
        ],
        "trust": 1.2276592800000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:11:35.883000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200318-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 and Mate 30 Pro authorization issue vulnerability (CNVD-2020-21998)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/213049"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1794"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-02-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1794"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "date": "2020-04-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "date": "2020-03-20T15:15:13.950000",
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-21998"
          },
          {
            "date": "2020-04-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          },
          {
            "date": "2020-08-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          },
          {
            "date": "2024-11-21T05:11:23.630000",
            "db": "NVD",
            "id": "CVE-2020-1794"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 and  Mate 30 Pro Authentication vulnerabilities in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003140"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1139"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-0831

    Vulnerability from variot - Updated: 2024-11-23 22:05

    P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. Huawei P30 and others are products of China Huawei. The Huawei P30 is a smart phone. The Huawei P30 Pro is a smartphone. Huawei HiSuite is a mobile assistant application for the PC. There are security vulnerabilities in various Huawei products

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0831",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hisuite",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "huawei",
            "version": "9.1.0.305"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.193\\(c00e190r2p1\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "vogue-al00a_9.1.0.193\\(c00e190r2p1\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "hima-al00b_9.1.0.135\\(c00e133r2p1\\)"
          },
          {
            "model": "hisuite",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 \u003celle-al00b 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003cvogue-al00a 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate \u003chima-al00b 9.1.0.135",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20x"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5226"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:huawei:hisuite",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "vendor",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-205"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5226",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-5226",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2019-30710",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-5226",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2019-5226",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5226",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5226",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-30710",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-205",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-205"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5226"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. Huawei P30 and others are products of China Huawei. The Huawei P30 is a smart phone. The Huawei P30 Pro is a smartphone. Huawei HiSuite is a mobile assistant application for the PC. There are security vulnerabilities in various Huawei products",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5226"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5226",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-30710",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "44306",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-205",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-205"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5226"
          }
        ]
      },
      "id": "VAR-201911-0831",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          }
        ],
        "trust": 1.4316259699999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:05:56.725000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190904-01-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
          },
          {
            "title": "Patches for multiple Huawei product version downgrade vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/179199"
          },
          {
            "title": "Multiple Huawei Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97962"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-205"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-346",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-20",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5226"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5226"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190904-01-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5226"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/44306"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-205"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5226"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-205"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5226"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          },
          {
            "date": "2019-12-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          },
          {
            "date": "2019-09-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-205"
          },
          {
            "date": "2019-11-29T19:15:12.057000",
            "db": "NVD",
            "id": "CVE-2019-5226"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-30710"
          },
          {
            "date": "2019-12-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          },
          {
            "date": "2019-12-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-205"
          },
          {
            "date": "2024-11-21T04:44:33.630000",
            "db": "NVD",
            "id": "CVE-2019-5226"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-205"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Vulnerability related to input confirmation in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012738"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-205"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1094

    Vulnerability from variot - Updated: 2024-11-23 22:05

    There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an unspecified vulnerability in.Information may be tampered with. This vulnerability stems from the fact that the system fails to reasonably restrict some operations when the mobile phone function is healthy. Attackers can use this vulnerability to bypass the restrictions on the healthy use of mobile phones

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1094",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.188(c00e74r3p8)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.203(c00e202r7p2)"
          },
          {
            "model": "mate \u003c10.0.0.188",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate pro \u003c10.0.0.203",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          }
        ]
      },
      "cve": "CVE-2020-1795",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1795",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003141",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-21999",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1795",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.4,
                "baseSeverity": "Low",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003141",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1795",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-003141",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-21999",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-1144",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an unspecified vulnerability in.Information may be tampered with. This vulnerability stems from the fact that the system fails to reasonably restrict some operations when the mobile phone function is healthy. Attackers can use this vulnerability to bypass the restrictions on the healthy use of mobile phones",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1795",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "id": "VAR-202003-1094",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          }
        ],
        "trust": 1.2276592800000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:05:46.358000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200318-04-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 and Mate 30 Pro logic error vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/213047"
          },
          {
            "title": "Huawei Mate 20  and Mate 30 Pro Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=112622"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1795"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-04-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1795"
          },
          {
            "trust": 0.6,
            "url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-04-smartphone-cn"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "date": "2020-04-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "date": "2020-03-20T15:15:14.027000",
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-21999"
          },
          {
            "date": "2020-04-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          },
          {
            "date": "2020-03-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          },
          {
            "date": "2024-11-21T05:11:23.733000",
            "db": "NVD",
            "id": "CVE-2020-1795"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 and  Mate 30 Pro Vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003141"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1144"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202010-1183

    Vulnerability from variot - Updated: 2024-11-23 22:05

    HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a JavaScript injection vulnerability. A module does not verify a specific input. This could allow attackers to bypass filter mechanism to launch JavaScript injection. This could compromise normal service of the affected module. HUAWEI Mate 20 Is vulnerable to injection.Information may be tampered with. Huawei Mate 20 is a smartphone of China's Huawei (Huawei) company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202010-1183",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0.163\\(c00e160r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "mate 20  firmware  10.1.0.163(c00e160r3p8)  less than"
          },
          {
            "model": "mate \u003c10.1.0.163",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9092"
          }
        ]
      },
      "cve": "CVE-2020-9092",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9092",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-58217",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-9092",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2020-9092",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9092",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9092",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-58217",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202010-636",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-9092",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-636"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9092"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a JavaScript injection vulnerability. A module does not verify a specific input. This could allow attackers to bypass filter mechanism to launch JavaScript injection. This could compromise normal service of the affected module. HUAWEI Mate 20 Is vulnerable to injection.Information may be tampered with. Huawei Mate 20 is a smartphone of China\u0027s Huawei (Huawei) company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9092"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9092",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012480",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-58217",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-636",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9092",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-636"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9092"
          }
        ]
      },
      "id": "VAR-202010-1183",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          }
        ],
        "trust": 1.26765326
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:05:25.001000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20201014-01-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-smartphone-en"
          },
          {
            "title": "Patch for HUAWEI Mate 20 JavaScript injection vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/237439"
          },
          {
            "title": "HUAWEI Mate20 Repair measures for injecting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131281"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-636"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.0
          },
          {
            "problemtype": "injection (CWE-74) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9092"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9092"
          },
          {
            "trust": 1.7,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-smartphone-en"
          },
          {
            "trust": 0.6,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20201014-01-smartphone-cn"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/74.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-636"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9092"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-636"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9092"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-10-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          },
          {
            "date": "2020-10-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9092"
          },
          {
            "date": "2021-05-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          },
          {
            "date": "2020-10-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-636"
          },
          {
            "date": "2020-10-19T20:15:13.087000",
            "db": "NVD",
            "id": "CVE-2020-9092"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-10-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-58217"
          },
          {
            "date": "2020-10-22T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9092"
          },
          {
            "date": "2021-05-10T07:32:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          },
          {
            "date": "2020-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-636"
          },
          {
            "date": "2024-11-21T05:40:00.350000",
            "db": "NVD",
            "id": "CVE-2020-9092"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI\u00a0Mate\u00a020\u00a0 Injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012480"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-636"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201911-0832

    Vulnerability from variot - Updated: 2024-11-23 21:59

    P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. Huawei P30 and others are products of China Huawei. The Huawei P30 is a smart phone. The Huawei P30 Pro is a smartphone. Huawei HiSuite is a mobile assistant application for the PC.

    There are security vulnerabilities in various Huawei products

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201911-0832",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "hisuite",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "huawei",
            "version": "9.1.0.305"
          },
          {
            "model": "p30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "elle-al00b_9.1.0.193\\(c00e190r2p1\\)"
          },
          {
            "model": "p30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "vogue-al00a_9.1.0.193\\(c00e190r2p1\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "hima-al00b_9.1.0.135\\(c00e133r2p1\\)"
          },
          {
            "model": "hisuite",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 \u003celle-al00b 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "p30 pro \u003cvogue-al00a 9.1.0.193",
            "scope": null,
            "trust": 0.6,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate \u003chima-al00b 9.1.0.135",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20x"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5227"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:huawei:hisuite",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_pro_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:p30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "vendor",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-199"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-5227",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-5227",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2019-30711",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2019-5227",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2019-5227",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-5227",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-5227",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-30711",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201909-199",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-199"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5227"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. Huawei P30 and others are products of China Huawei. The Huawei P30 is a smart phone. The Huawei P30 Pro is a smartphone. Huawei HiSuite is a mobile assistant application for the PC. \n\nThere are security vulnerabilities in various Huawei products",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-5227"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-5227",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-30711",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "44307",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-199",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-199"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5227"
          }
        ]
      },
      "id": "VAR-201911-0832",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          }
        ],
        "trust": 1.4316259699999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:59:38.357000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20190904-01-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
          },
          {
            "title": "Patch for Multiple Huawei product version downgrade vulnerabilities (CNVD-2019-30711)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/179201"
          },
          {
            "title": "Multiple Huawei Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97957"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-199"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-346",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-20",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5227"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5227"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190904-01-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5227"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/44307"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-199"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5227"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-199"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-5227"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          },
          {
            "date": "2019-12-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          },
          {
            "date": "2019-09-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-199"
          },
          {
            "date": "2019-11-29T20:15:11.863000",
            "db": "NVD",
            "id": "CVE-2019-5227"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-30711"
          },
          {
            "date": "2019-12-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          },
          {
            "date": "2019-12-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201909-199"
          },
          {
            "date": "2024-11-21T04:44:33.753000",
            "db": "NVD",
            "id": "CVE-2019-5227"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-199"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Huawei Vulnerability related to input confirmation in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-012739"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201909-199"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202001-0900

    Vulnerability from variot - Updated: 2024-11-23 21:51

    HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. The system has a logic error under certain scenario, successful exploit could allow the attacker who gains the privilege of guest user to access to the host user's desktop in an instant, without unlocking the screen lock of the host user. HUAWEI Mate 20 Smartphones contain an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Huawei Mate 20 is a smartphone from China's Huawei. The vulnerability stems from logical errors in the system

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202001-0900",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 2.0,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0.139\\(c00e133r3p1\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "mate 20  firmware  9.1.0.139(c00e133r3p1)"
          },
          {
            "model": "mate pro \u003c9.1.0.139",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-270"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1787"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ding Yicong",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-270"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-1787",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1787",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-02173",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.7,
                "id": "CVE-2020-1787",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-1787",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1787",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-1787",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-02173",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202001-270",
                "trust": 0.6,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-270"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1787"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. The system has a logic error under certain scenario, successful exploit could allow the attacker who gains the privilege of guest user to access to the host user\u0027s desktop in an instant, without unlocking the screen lock of the host user. HUAWEI Mate 20 Smartphones contain an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Huawei Mate 20 is a smartphone from China\u0027s Huawei. The vulnerability stems from logical errors in the system",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1787"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1787",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001494",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-02173",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-270",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-270"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1787"
          }
        ]
      },
      "id": "VAR-202001-0900",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          }
        ],
        "trust": 1.1876653
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:51:45.913000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200108-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 inappropriate authentication vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/197023"
          },
          {
            "title": "Huawei Mate 20 Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=106609"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-270"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.0
          },
          {
            "problemtype": "Incorrect authentication (CWE-287) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1787"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200108-02-smartphone-cn"
          },
          {
            "trust": 1.0,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-02-smartphone-en"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1787"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-270"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1787"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-270"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1787"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          },
          {
            "date": "2020-02-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          },
          {
            "date": "2020-01-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-270"
          },
          {
            "date": "2020-01-09T17:15:12.400000",
            "db": "NVD",
            "id": "CVE-2020-1787"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-01-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-02173"
          },
          {
            "date": "2020-02-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          },
          {
            "date": "2020-01-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202001-270"
          },
          {
            "date": "2024-11-21T05:11:22.827000",
            "db": "NVD",
            "id": "CVE-2020-1787"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI\u00a0Mate\u00a020\u00a0 Authentication vulnerabilities in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-001494"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202001-270"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202003-1092

    Vulnerability from variot - Updated: 2024-11-23 21:51

    There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. You can use this vulnerability to obtain data on locked applications

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1092",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mate 30 pro",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.203\\(c00e202r7p2\\)"
          },
          {
            "model": "mate 20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0.188\\(c00e74r3p8\\)"
          },
          {
            "model": "mate 20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.188(c00e74r3p8)"
          },
          {
            "model": "mate 30 pro",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": "10.0.0.203(c00e202r7p2)"
          },
          {
            "model": "mate \u003c10.0.0.188",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "20"
          },
          {
            "model": "mate pro \u003c10.0.0.203",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "huawei",
            "version": "30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:huawei:mate_30_pro_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          }
        ]
      },
      "cve": "CVE-2020-1793",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-1793",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003319",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-22000",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-1793",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-003319",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-1793",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-003319",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-22000",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202003-1146",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). HUAWEI Mate 20 and Mate 30 Pro There is an authentication vulnerability in.Information may be obtained. You can use this vulnerability to obtain data on locked applications",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-1793",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "id": "VAR-202003-1092",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          }
        ],
        "trust": 1.2276592800000001
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:51:37.488000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "huawei-sa-20200318-02-smartphone",
            "trust": 0.8,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
          },
          {
            "title": "Patch for Huawei Mate 20 and Mate 30 Pro authorization issue vulnerability (CNVD-2020-22000)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/213045"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1793"
          },
          {
            "trust": 1.6,
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en"
          },
          {
            "trust": 1.2,
            "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200318-02-smartphone-cn"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1793"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "date": "2020-04-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "date": "2020-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "date": "2020-03-20T15:15:13.857000",
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-22000"
          },
          {
            "date": "2020-04-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          },
          {
            "date": "2020-08-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          },
          {
            "date": "2024-11-21T05:11:23.523000",
            "db": "NVD",
            "id": "CVE-2020-1793"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HUAWEI Mate 20 and  Mate 30 Pro Authentication vulnerabilities in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-003319"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202003-1146"
          }
        ],
        "trust": 0.6
      }
    }