Search criteria
8 vulnerabilities found for anne-al00_firmware by huawei
CVE-2019-19412 (GCVE-0-2019-19412)
Vulnerability from nvd – Published: 2020-06-08 18:21 – Updated: 2024-08-05 02:16
VLAI?
Summary
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.
Severity ?
No CVSS data available.
CWE
- FRP Bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | ALP-AL00B |
Affected:
earlier than 9.0.0.181(C00E87R2P20T8)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ALP-AL00B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.181(C00E87R2P20T8)"
}
]
},
{
"product": "ALP-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.201(C432E4R1P9)"
}
]
},
{
"product": "ALP-L29",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.177(C185E2R1P12T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.195(C636E2R1P12)"
}
]
},
{
"product": "Anne-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.168(C00)"
}
]
},
{
"product": "BLA-AL00B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.181(C00E88R2P15T8)"
}
]
},
{
"product": "BLA-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.177(C185E2R1P13T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.206(C432E4R1P11)"
}
]
},
{
"product": "BLA-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.179(C576E2R1P7T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.194(C185E2R1P13)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.206(C432E4R1P11)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.210(C635E4R1P13)"
}
]
},
{
"product": "Berkeley-AL20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.156(C00E156R2P14T8)"
}
]
},
{
"product": "Berkeley-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.172(C432)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.173(C636)"
}
]
},
{
"product": "Emily-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.159(C185E2R1P12T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.159(C461E2R1P11T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.160(C432E7R1P11T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.165(C605E2R1P12)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.168(C636E7R1P13T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.168(C782E3R1P11T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.196(C635E2R1P11T8)"
}
]
},
{
"product": "Figo-L03",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
},
{
"product": "Figo-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.130(C185E6R1P5T8)"
},
{
"status": "affected",
"version": "earlier than 9.1.0.130(C635E6R1P5T8)"
}
]
},
{
"product": "Figo-L23",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
},
{
"product": "Figo-L31",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.130(C432E8R1P5T8)"
}
]
},
{
"product": "Florida-L03",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.121(C605E5R1P1T8)"
}
]
},
{
"product": "Florida-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.129(C605)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.131(C432)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.132(C185)"
}
]
},
{
"product": "Florida-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.132(C636)"
}
]
},
{
"product": "Florida-L23",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.144(C605)"
}
]
},
{
"product": "HUAWEI P smart",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.130(C185E6R1P5T8)"
},
{
"status": "affected",
"version": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
},
{
"product": "HUAWEI P smart,HUAWEI Y7s",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.124(C636E6R1P5T8)"
}
]
},
{
"product": "HUAWEI P20 lite",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.148(C635)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.155(C185)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.155(C605)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.156(C605)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.157(C432)"
}
]
},
{
"product": "HUAWEI nova 3e,HUAWEI P20 lite",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.147(C461)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.148(ZAFC185)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.160(C185)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.160(C605)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.168(C432)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.172(C636)"
}
]
},
{
"product": "Honor View 10",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.202(C567E6R1P12T8)"
}
]
},
{
"product": "Leland-AL00A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.182(C00)"
}
]
},
{
"product": "Leland-L21A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.135(C185)"
},
{
"status": "affected",
"version": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
},
{
"product": "Leland-L22A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
},
{
"product": "Leland-L22C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
},
{
"product": "Leland-L31A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.139(C432)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "FRP Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-08T15:29:39",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ALP-AL00B",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.181(C00E87R2P20T8)"
}
]
}
},
{
"product_name": "ALP-L09",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.201(C432E4R1P9)"
}
]
}
},
{
"product_name": "ALP-L29",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.177(C185E2R1P12T8)"
},
{
"version_value": "earlier than 9.0.0.195(C636E2R1P12)"
}
]
}
},
{
"product_name": "Anne-AL00",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.168(C00)"
}
]
}
},
{
"product_name": "BLA-AL00B",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.181(C00E88R2P15T8)"
}
]
}
},
{
"product_name": "BLA-L09C",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.177(C185E2R1P13T8)"
},
{
"version_value": "earlier than 9.0.0.206(C432E4R1P11)"
}
]
}
},
{
"product_name": "BLA-L29C",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.179(C576E2R1P7T8)"
},
{
"version_value": "earlier than 9.0.0.194(C185E2R1P13)"
},
{
"version_value": "earlier than 9.0.0.206(C432E4R1P11)"
},
{
"version_value": "earlier than 9.0.0.210(C635E4R1P13)"
}
]
}
},
{
"product_name": "Berkeley-AL20",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.156(C00E156R2P14T8)"
}
]
}
},
{
"product_name": "Berkeley-L09",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.172(C432)"
},
{
"version_value": "earlier than 8.0.0.173(C636)"
}
]
}
},
{
"product_name": "Emily-L29C",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.159(C185E2R1P12T8)"
},
{
"version_value": "earlier than 9.0.0.159(C461E2R1P11T8)"
},
{
"version_value": "earlier than 9.0.0.160(C432E7R1P11T8)"
},
{
"version_value": "earlier than 9.0.0.165(C605E2R1P12)"
},
{
"version_value": "earlier than 9.0.0.168(C636E7R1P13T8)"
},
{
"version_value": "earlier than 9.0.0.168(C782E3R1P11T8)"
},
{
"version_value": "earlier than 9.0.0.196(C635E2R1P11T8)"
}
]
}
},
{
"product_name": "Figo-L03",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Figo-L21",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.130(C185E6R1P5T8)"
},
{
"version_value": "earlier than 9.1.0.130(C635E6R1P5T8)"
}
]
}
},
{
"product_name": "Figo-L23",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
}
},
{
"product_name": "Figo-L31",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.130(C432E8R1P5T8)"
}
]
}
},
{
"product_name": "Florida-L03",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.121(C605E5R1P1T8)"
}
]
}
},
{
"product_name": "Florida-L21",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.129(C605)"
},
{
"version_value": "earlier than 8.0.0.131(C432)"
},
{
"version_value": "earlier than 8.0.0.132(C185)"
}
]
}
},
{
"product_name": "Florida-L22",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.132(C636)"
}
]
}
},
{
"product_name": "Florida-L23",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.144(C605)"
}
]
}
},
{
"product_name": "HUAWEI P smart",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.130(C185E6R1P5T8)"
},
{
"version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
}
},
{
"product_name": "HUAWEI P smart,HUAWEI Y7s",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.124(C636E6R1P5T8)"
}
]
}
},
{
"product_name": "HUAWEI P20 lite",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.148(C635)"
},
{
"version_value": "earlier than 8.0.0.155(C185)"
},
{
"version_value": "earlier than 8.0.0.155(C605)"
},
{
"version_value": "earlier than 8.0.0.156(C605)"
},
{
"version_value": "earlier than 8.0.0.157(C432)"
}
]
}
},
{
"product_name": "HUAWEI nova 3e,HUAWEI P20 lite",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.147(C461)"
},
{
"version_value": "earlier than 8.0.0.148(ZAFC185)"
},
{
"version_value": "earlier than 8.0.0.160(C185)"
},
{
"version_value": "earlier than 8.0.0.160(C605)"
},
{
"version_value": "earlier than 8.0.0.168(C432)"
},
{
"version_value": "earlier than 8.0.0.172(C636)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Honor View 10",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.202(C567E6R1P12T8)"
}
]
}
},
{
"product_name": "Leland-AL00A",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.182(C00)"
}
]
}
},
{
"product_name": "Leland-L21A",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.135(C185)"
},
{
"version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
}
},
{
"product_name": "Leland-L22A",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
}
},
{
"product_name": "Leland-L22C",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
}
},
{
"product_name": "Leland-L31A",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.139(C432)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "FRP Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19412",
"datePublished": "2020-06-08T18:21:28",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9069 (GCVE-0-2020-9069)
Vulnerability from nvd – Published: 2020-05-21 14:19 – Updated: 2024-08-04 10:19
VLAI?
Summary
There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8
Severity ?
No CVSS data available.
CWE
- Information Leakage
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| HUAWEI | Anne-AL00 |
Affected:
earlier than 9.1.0.331(C675E9R1P3T8)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Anne-AL00",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.331(C675E9R1P3T8)"
}
]
},
{
"product": "Berkeley-L09",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.1.1(C675R1)"
}
]
},
{
"product": "CD16-10",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "CD17-10",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "CD17-16",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "CD18-10",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "CD18-16",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "Columbia-TL00B",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.187(C01E181R1P20T8)"
}
]
},
{
"product": "E6878-370",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.5.1(H610SP10C00)"
}
]
},
{
"product": "HUAWEI P30 lite",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.185(C605E3R1P3)"
},
{
"status": "affected",
"version": "earlier than 10.0.0.197(C432E8R2P7)"
}
]
},
{
"product": "HUAWEI nova 4e",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
},
{
"product": "Honor 10 Lite",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "9.0.1.113(C675E11R1P12)"
}
]
},
{
"product": "LelandP-L22A",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.166(C675E5R1P4T8)"
}
]
},
{
"product": "Marie-AL00AX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
},
{
"product": "Marie-AL00AY",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
},
{
"product": "Marie-AL00BX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
},
{
"product": "Marie-L03BX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.188(C605E5R1P1)"
}
]
},
{
"product": "Marie-L21BX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.188(C432E4R4P1)"
},
{
"status": "affected",
"version": "earlier than 10.0.0.188(C461E5R3P1)"
}
]
},
{
"product": "Marie-L22BX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.188(C636E3R3P1)"
}
]
},
{
"product": "Marie-L23BX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.188(C605E5R1P1)"
}
]
},
{
"product": "TC5200-16",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "WS5200-11",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "WS5200-12",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.23"
}
]
},
{
"product": "WS5200-16",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "WS5200-17",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.23"
}
]
},
{
"product": "WS5800-10",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.3.27"
}
]
},
{
"product": "WS6500-10",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "WS6500-16",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Leakage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-29T22:23:46",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Anne-AL00",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.331(C675E9R1P3T8)"
}
]
}
},
{
"product_name": "Berkeley-L09",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.1.1(C675R1)"
}
]
}
},
{
"product_name": "CD16-10",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "CD17-10",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "CD17-16",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "CD18-10",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "CD18-16",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "Columbia-TL00B",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.187(C01E181R1P20T8)"
}
]
}
},
{
"product_name": "E6878-370",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.5.1(H610SP10C00)"
}
]
}
},
{
"product_name": "HUAWEI P30 lite",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.185(C605E3R1P3)"
},
{
"version_value": "earlier than 10.0.0.197(C432E8R2P7)"
}
]
}
},
{
"product_name": "HUAWEI nova 4e",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
}
},
{
"product_name": "Honor 10 Lite",
"version": {
"version_data": [
{
"version_value": "9.0.1.113(C675E11R1P12)"
}
]
}
},
{
"product_name": "LelandP-L22A",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.166(C675E5R1P4T8)"
}
]
}
},
{
"product_name": "Marie-AL00AX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
}
},
{
"product_name": "Marie-AL00AY",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
}
},
{
"product_name": "Marie-AL00BX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
}
},
{
"product_name": "Marie-L03BX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.188(C605E5R1P1)"
}
]
}
},
{
"product_name": "Marie-L21BX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.188(C432E4R4P1)"
},
{
"version_value": "earlier than 10.0.0.188(C461E5R3P1)"
}
]
}
},
{
"product_name": "Marie-L22BX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.188(C636E3R3P1)"
}
]
}
},
{
"product_name": "Marie-L23BX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.188(C605E5R1P1)"
}
]
}
},
{
"product_name": "TC5200-16",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "WS5200-11",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "WS5200-12",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.23"
}
]
}
},
{
"product_name": "WS5200-16",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "WS5200-17",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.23"
}
]
}
},
{
"product_name": "WS5800-10",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.3.27"
}
]
}
},
{
"product_name": "WS6500-10",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "WS6500-16",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
}
]
},
"vendor_name": "HUAWEI"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9069",
"datePublished": "2020-05-21T14:19:31",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-2215 (GCVE-0-2019-2215)
Vulnerability from nvd – Published: 2019-10-11 18:16 – Updated: 2025-10-21 23:45
VLAI?
Summary
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Severity ?
7.8 (High)
CWE
- Elevation of privilege
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:42:50.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-2215",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:04:20.328785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:45:29.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2019-2215 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-02T19:06:43.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2019-2215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Kernel"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2019-10-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"name": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"name": "https://security.netapp.com/advisory/ntap-20191031-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"name": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2019-2215",
"datePublished": "2019-10-11T18:16:48.000Z",
"dateReserved": "2018-12-10T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:45:29.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-7924 (GCVE-0-2018-7924)
Vulnerability from nvd – Published: 2018-10-17 15:00 – Updated: 2024-08-05 06:37
VLAI?
Summary
Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone.
Severity ?
No CVSS data available.
CWE
- information leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | Anne-AL00 |
Affected:
Versions earlier than 8.0.0.151(C00)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181017-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Anne-AL00",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 8.0.0.151(C00)"
}
]
}
],
"datePublic": "2018-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T14:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181017-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Anne-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 8.0.0.151(C00)"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181017-01-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181017-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2018-7924",
"datePublished": "2018-10-17T15:00:00",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-08-05T06:37:59.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19412 (GCVE-0-2019-19412)
Vulnerability from cvelistv5 – Published: 2020-06-08 18:21 – Updated: 2024-08-05 02:16
VLAI?
Summary
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.
Severity ?
No CVSS data available.
CWE
- FRP Bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | ALP-AL00B |
Affected:
earlier than 9.0.0.181(C00E87R2P20T8)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ALP-AL00B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.181(C00E87R2P20T8)"
}
]
},
{
"product": "ALP-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.201(C432E4R1P9)"
}
]
},
{
"product": "ALP-L29",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.177(C185E2R1P12T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.195(C636E2R1P12)"
}
]
},
{
"product": "Anne-AL00",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.168(C00)"
}
]
},
{
"product": "BLA-AL00B",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.181(C00E88R2P15T8)"
}
]
},
{
"product": "BLA-L09C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.177(C185E2R1P13T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.206(C432E4R1P11)"
}
]
},
{
"product": "BLA-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.179(C576E2R1P7T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.194(C185E2R1P13)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.206(C432E4R1P11)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.210(C635E4R1P13)"
}
]
},
{
"product": "Berkeley-AL20",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.156(C00E156R2P14T8)"
}
]
},
{
"product": "Berkeley-L09",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.172(C432)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.173(C636)"
}
]
},
{
"product": "Emily-L29C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.159(C185E2R1P12T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.159(C461E2R1P11T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.160(C432E7R1P11T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.165(C605E2R1P12)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.168(C636E7R1P13T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.168(C782E3R1P11T8)"
},
{
"status": "affected",
"version": "earlier than 9.0.0.196(C635E2R1P11T8)"
}
]
},
{
"product": "Figo-L03",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
},
{
"product": "Figo-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.130(C185E6R1P5T8)"
},
{
"status": "affected",
"version": "earlier than 9.1.0.130(C635E6R1P5T8)"
}
]
},
{
"product": "Figo-L23",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
},
{
"product": "Figo-L31",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.130(C432E8R1P5T8)"
}
]
},
{
"product": "Florida-L03",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.121(C605E5R1P1T8)"
}
]
},
{
"product": "Florida-L21",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.129(C605)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.131(C432)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.132(C185)"
}
]
},
{
"product": "Florida-L22",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.132(C636)"
}
]
},
{
"product": "Florida-L23",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.144(C605)"
}
]
},
{
"product": "HUAWEI P smart",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.130(C185E6R1P5T8)"
},
{
"status": "affected",
"version": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
},
{
"product": "HUAWEI P smart,HUAWEI Y7s",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.124(C636E6R1P5T8)"
}
]
},
{
"product": "HUAWEI P20 lite",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.148(C635)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.155(C185)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.155(C605)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.156(C605)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.157(C432)"
}
]
},
{
"product": "HUAWEI nova 3e,HUAWEI P20 lite",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.147(C461)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.148(ZAFC185)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.160(C185)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.160(C605)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.168(C432)"
},
{
"status": "affected",
"version": "earlier than 8.0.0.172(C636)"
}
]
},
{
"product": "Honor View 10",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.202(C567E6R1P12T8)"
}
]
},
{
"product": "Leland-AL00A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.182(C00)"
}
]
},
{
"product": "Leland-L21A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.135(C185)"
},
{
"status": "affected",
"version": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
},
{
"product": "Leland-L22A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
},
{
"product": "Leland-L22C",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
},
{
"product": "Leland-L31A",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "earlier than 8.0.0.139(C432)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "FRP Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-08T15:29:39",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ALP-AL00B",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.181(C00E87R2P20T8)"
}
]
}
},
{
"product_name": "ALP-L09",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.201(C432E4R1P9)"
}
]
}
},
{
"product_name": "ALP-L29",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.177(C185E2R1P12T8)"
},
{
"version_value": "earlier than 9.0.0.195(C636E2R1P12)"
}
]
}
},
{
"product_name": "Anne-AL00",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.168(C00)"
}
]
}
},
{
"product_name": "BLA-AL00B",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.181(C00E88R2P15T8)"
}
]
}
},
{
"product_name": "BLA-L09C",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.177(C185E2R1P13T8)"
},
{
"version_value": "earlier than 9.0.0.206(C432E4R1P11)"
}
]
}
},
{
"product_name": "BLA-L29C",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.179(C576E2R1P7T8)"
},
{
"version_value": "earlier than 9.0.0.194(C185E2R1P13)"
},
{
"version_value": "earlier than 9.0.0.206(C432E4R1P11)"
},
{
"version_value": "earlier than 9.0.0.210(C635E4R1P13)"
}
]
}
},
{
"product_name": "Berkeley-AL20",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.156(C00E156R2P14T8)"
}
]
}
},
{
"product_name": "Berkeley-L09",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.172(C432)"
},
{
"version_value": "earlier than 8.0.0.173(C636)"
}
]
}
},
{
"product_name": "Emily-L29C",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.159(C185E2R1P12T8)"
},
{
"version_value": "earlier than 9.0.0.159(C461E2R1P11T8)"
},
{
"version_value": "earlier than 9.0.0.160(C432E7R1P11T8)"
},
{
"version_value": "earlier than 9.0.0.165(C605E2R1P12)"
},
{
"version_value": "earlier than 9.0.0.168(C636E7R1P13T8)"
},
{
"version_value": "earlier than 9.0.0.168(C782E3R1P11T8)"
},
{
"version_value": "earlier than 9.0.0.196(C635E2R1P11T8)"
}
]
}
},
{
"product_name": "Figo-L03",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Figo-L21",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.130(C185E6R1P5T8)"
},
{
"version_value": "earlier than 9.1.0.130(C635E6R1P5T8)"
}
]
}
},
{
"product_name": "Figo-L23",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
}
},
{
"product_name": "Figo-L31",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.130(C432E8R1P5T8)"
}
]
}
},
{
"product_name": "Florida-L03",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.121(C605E5R1P1T8)"
}
]
}
},
{
"product_name": "Florida-L21",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.129(C605)"
},
{
"version_value": "earlier than 8.0.0.131(C432)"
},
{
"version_value": "earlier than 8.0.0.132(C185)"
}
]
}
},
{
"product_name": "Florida-L22",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.132(C636)"
}
]
}
},
{
"product_name": "Florida-L23",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.144(C605)"
}
]
}
},
{
"product_name": "HUAWEI P smart",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.130(C185E6R1P5T8)"
},
{
"version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
}
]
}
},
{
"product_name": "HUAWEI P smart,HUAWEI Y7s",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.124(C636E6R1P5T8)"
}
]
}
},
{
"product_name": "HUAWEI P20 lite",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.148(C635)"
},
{
"version_value": "earlier than 8.0.0.155(C185)"
},
{
"version_value": "earlier than 8.0.0.155(C605)"
},
{
"version_value": "earlier than 8.0.0.156(C605)"
},
{
"version_value": "earlier than 8.0.0.157(C432)"
}
]
}
},
{
"product_name": "HUAWEI nova 3e,HUAWEI P20 lite",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.147(C461)"
},
{
"version_value": "earlier than 8.0.0.148(ZAFC185)"
},
{
"version_value": "earlier than 8.0.0.160(C185)"
},
{
"version_value": "earlier than 8.0.0.160(C605)"
},
{
"version_value": "earlier than 8.0.0.168(C432)"
},
{
"version_value": "earlier than 8.0.0.172(C636)"
}
]
}
}
]
},
"vendor_name": "Huawei"
},
{
"product": {
"product_data": [
{
"product_name": "Honor View 10",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.202(C567E6R1P12T8)"
}
]
}
},
{
"product_name": "Leland-AL00A",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.182(C00)"
}
]
}
},
{
"product_name": "Leland-L21A",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.135(C185)"
},
{
"version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
}
},
{
"product_name": "Leland-L22A",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
}
},
{
"product_name": "Leland-L22C",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
}
]
}
},
{
"product_name": "Leland-L31A",
"version": {
"version_data": [
{
"version_value": "earlier than 8.0.0.139(C432)"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "FRP Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19412",
"datePublished": "2020-06-08T18:21:28",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9069 (GCVE-0-2020-9069)
Vulnerability from cvelistv5 – Published: 2020-05-21 14:19 – Updated: 2024-08-04 10:19
VLAI?
Summary
There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8
Severity ?
No CVSS data available.
CWE
- Information Leakage
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| HUAWEI | Anne-AL00 |
Affected:
earlier than 9.1.0.331(C675E9R1P3T8)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:19.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Anne-AL00",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.331(C675E9R1P3T8)"
}
]
},
{
"product": "Berkeley-L09",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.1.1(C675R1)"
}
]
},
{
"product": "CD16-10",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "CD17-10",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "CD17-16",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "CD18-10",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "CD18-16",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "Columbia-TL00B",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 9.0.0.187(C01E181R1P20T8)"
}
]
},
{
"product": "E6878-370",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.5.1(H610SP10C00)"
}
]
},
{
"product": "HUAWEI P30 lite",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.185(C605E3R1P3)"
},
{
"status": "affected",
"version": "earlier than 10.0.0.197(C432E8R2P7)"
}
]
},
{
"product": "HUAWEI nova 4e",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
},
{
"product": "Honor 10 Lite",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "9.0.1.113(C675E11R1P12)"
}
]
},
{
"product": "LelandP-L22A",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 9.1.0.166(C675E5R1P4T8)"
}
]
},
{
"product": "Marie-AL00AX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
},
{
"product": "Marie-AL00AY",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
},
{
"product": "Marie-AL00BX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
},
{
"product": "Marie-L03BX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.188(C605E5R1P1)"
}
]
},
{
"product": "Marie-L21BX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.188(C432E4R4P1)"
},
{
"status": "affected",
"version": "earlier than 10.0.0.188(C461E5R3P1)"
}
]
},
{
"product": "Marie-L22BX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.188(C636E3R3P1)"
}
]
},
{
"product": "Marie-L23BX",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.0.188(C605E5R1P1)"
}
]
},
{
"product": "TC5200-16",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "WS5200-11",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "WS5200-12",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.23"
}
]
},
{
"product": "WS5200-16",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "WS5200-17",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.23"
}
]
},
{
"product": "WS5800-10",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.3.27"
}
]
},
{
"product": "WS6500-10",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
},
{
"product": "WS6500-16",
"vendor": "HUAWEI",
"versions": [
{
"status": "affected",
"version": "earlier than 10.0.2.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Leakage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-29T22:23:46",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Anne-AL00",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.331(C675E9R1P3T8)"
}
]
}
},
{
"product_name": "Berkeley-L09",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.1.1(C675R1)"
}
]
}
},
{
"product_name": "CD16-10",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "CD17-10",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "CD17-16",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "CD18-10",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "CD18-16",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "Columbia-TL00B",
"version": {
"version_data": [
{
"version_value": "earlier than 9.0.0.187(C01E181R1P20T8)"
}
]
}
},
{
"product_name": "E6878-370",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.5.1(H610SP10C00)"
}
]
}
},
{
"product_name": "HUAWEI P30 lite",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.185(C605E3R1P3)"
},
{
"version_value": "earlier than 10.0.0.197(C432E8R2P7)"
}
]
}
},
{
"product_name": "HUAWEI nova 4e",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
}
},
{
"product_name": "Honor 10 Lite",
"version": {
"version_data": [
{
"version_value": "9.0.1.113(C675E11R1P12)"
}
]
}
},
{
"product_name": "LelandP-L22A",
"version": {
"version_data": [
{
"version_value": "earlier than 9.1.0.166(C675E5R1P4T8)"
}
]
}
},
{
"product_name": "Marie-AL00AX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
}
},
{
"product_name": "Marie-AL00AY",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
}
},
{
"product_name": "Marie-AL00BX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.158(C00E64R1P9)"
}
]
}
},
{
"product_name": "Marie-L03BX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.188(C605E5R1P1)"
}
]
}
},
{
"product_name": "Marie-L21BX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.188(C432E4R4P1)"
},
{
"version_value": "earlier than 10.0.0.188(C461E5R3P1)"
}
]
}
},
{
"product_name": "Marie-L22BX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.188(C636E3R3P1)"
}
]
}
},
{
"product_name": "Marie-L23BX",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.0.188(C605E5R1P1)"
}
]
}
},
{
"product_name": "TC5200-16",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "WS5200-11",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "WS5200-12",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.23"
}
]
}
},
{
"product_name": "WS5200-16",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "WS5200-17",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.23"
}
]
}
},
{
"product_name": "WS5800-10",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.3.27"
}
]
}
},
{
"product_name": "WS6500-10",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
},
{
"product_name": "WS6500-16",
"version": {
"version_data": [
{
"version_value": "earlier than 10.0.2.8"
}
]
}
}
]
},
"vendor_name": "HUAWEI"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.0.2.8; CD18-16 Versions earlier than 10.0.2.8; Columbia-TL00B Versions earlier than 9.0.0.187(C01E181R1P20T8); E6878-370 Versions earlier than 10.0.5.1(H610SP10C00); HUAWEI P30 lite Versions earlier than 10.0.0.185(C605E3R1P3), Versions earlier than 10.0.0.197(C432E8R2P7); HUAWEI nova 4e Versions earlier than 10.0.0.158(C00E64R1P9); Honor 10 Lite 9.0.1.113(C675E11R1P12); LelandP-L22A Versions earlier than 9.1.0.166(C675E5R1P4T8); Marie-AL00AX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00AY Versions earlier than 10.0.0.158(C00E64R1P9); Marie-AL00BX Versions earlier than 10.0.0.158(C00E64R1P9); Marie-L03BX Versions earlier than 10.0.0.188(C605E5R1P1); Marie-L21BX Versions earlier than 10.0.0.188(C432E4R4P1), Versions earlier than 10.0.0.188(C461E5R3P1); Marie-L22BX Versions earlier than 10.0.0.188(C636E3R3P1); Marie-L23BX Versions earlier than 10.0.0.188(C605E5R1P1); TC5200-16 Versions earlier than 10.0.2.8; WS5200-11 Versions earlier than 10.0.2.8; WS5200-12 Versions earlier than 10.0.2.23; WS5200-16 Versions earlier than 10.0.2.8; WS5200-17 Versions earlier than 10.0.2.23; WS5800-10 Versions earlier than 10.0.3.27; WS6500-10 Versions earlier than 10.0.2.8; WS6500-16 Versions earlier than 10.0.2.8"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9069",
"datePublished": "2020-05-21T14:19:31",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:19.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-2215 (GCVE-0-2019-2215)
Vulnerability from cvelistv5 – Published: 2019-10-11 18:16 – Updated: 2025-10-21 23:45
VLAI?
Summary
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Severity ?
7.8 (High)
CWE
- Elevation of privilege
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:42:50.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-2215",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:04:20.328785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:45:29.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2019-2215 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-02T19:06:43.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2019-2215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Kernel"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2019-10-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2019-10-01"
},
{
"name": "20191018 CVE 2019-2215 Android Binder Use After Free",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Oct/38"
},
{
"name": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
},
{
"name": "https://security.netapp.com/advisory/ntap-20191031-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"name": "USN-4186-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4186-1/"
},
{
"name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
},
{
"name": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
},
{
"name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2019-2215",
"datePublished": "2019-10-11T18:16:48.000Z",
"dateReserved": "2018-12-10T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:45:29.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-7924 (GCVE-0-2018-7924)
Vulnerability from cvelistv5 – Published: 2018-10-17 15:00 – Updated: 2024-08-05 06:37
VLAI?
Summary
Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone.
Severity ?
No CVSS data available.
CWE
- information leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | Anne-AL00 |
Affected:
Versions earlier than 8.0.0.151(C00)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181017-01-smartphone-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Anne-AL00",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Versions earlier than 8.0.0.151(C00)"
}
]
}
],
"datePublic": "2018-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T14:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181017-01-smartphone-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2018-7924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Anne-AL00",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 8.0.0.151(C00)"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181017-01-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181017-01-smartphone-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2018-7924",
"datePublished": "2018-10-17T15:00:00",
"dateReserved": "2018-03-09T00:00:00",
"dateUpdated": "2024-08-05T06:37:59.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}